Lucene search
K
SchneierRecent

2978 matches found

Schneier on Security
Schneier on Security
added 2025/11/25 12:0 p.m.14 views

Four Ways AI Is Being Used to Strengthen Democracies Worldwide

Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expectation is that democracy will be the worse for it. We have another narrative. Yes, there are risks to democracy from A...

6.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/24 12:3 p.m.7 views

IACR Nullifies Election Because of Lost Decryption Key

The International Association of Cryptologic Research--the academic cryptography association that's been putting conferences like Crypto back when "crypto" meant "cryptography" and Eurocrypt since the 1980s--had to nullify an online election when trustee Moti Yung lost his decryption key. For thi...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/21 10:8 p.m.15 views

Friday Squid Blogging: New “Squid” Sneaker

I did not know Adidas sold a sneaker called "Squid." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/21 7:7 p.m.5 views

More on Rewiring Democracy

It's been a month since Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship was published. From what we know, sales are good. Some of the book's forty-three chapters are available online: chapters 2, 12, 28, 34, 38, and 41. We need more reviews--six on Amazon is no...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/21 12:1 p.m.6 views

AI as Cyberattacker

From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree­--using AI not just as an advisor, but to execute the cyberattacks...

7.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/20 12:7 p.m.6 views

Scam USPS and E-Z Pass Texts and Websites

Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused "a cybercriminal group in China" of selling "phishing for dummies" kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of...

6.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/19 12:4 p.m.8 views

Legal Restrictions on Vulnerability Disclosure

Kendra Albert gave an excellent talk at USENIX Security this year, pointing out that the legal agreements surrounding vulnerability disclosure muzzle researchers while allowing companies to not fix the vulnerabilities--exactly the opposite of what the responsible disclosure movement of the early...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/18 12:1 p.m.6 views

AI and Voter Engagement

Social media has been a familiar, even mundane, part of life for nearly two decades. It can be easy to forget it was not always that way. In 2008, social media was just emerging into the mainstream. Facebook reached 100 million users that summer. And a singular candidate was integrating social...

6.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/17 12:5 p.m.5 views

More Prompt||GTFO

The next three in this series on online events highlighting interesting uses of AI in cybersecurity are online: 4, 5, and 6. Well worth watching...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/14 11:33 p.m.5 views

Friday Squid Blogging: Pilot Whales Eat a Lot of Squid

Short-finned pilot wales Globicephala macrorhynchus eat at lot of squid: To figure out a short-finned pilot whale's caloric intake, Gough says, the team had to combine data from a variety of sources, including movement data from short-lasting tags, daily feeding rates from satellite tags, body...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/14 5:8 p.m.4 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: My coauthor Nathan E. Sanders and I are speaking at the Rayburn House Office Building in Washington, DC at noon ET on November 17, 2025. The event is hosted by the POPVOX Foundation and the topic is “AI and Congress: Practical Step...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/14 12:0 p.m.5 views

The Role of Humans in an AI-Powered World

As AI capabilities grow, we must delineate the roles that should remain exclusively human. The line seems to be between fact-based decisions and judgment-based decisions. For example, in a medical context, if an AI was demonstrably better at reading a test result and diagnosing cancer than a huma...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/13 12:9 p.m.7 views

Book Review: The Business of Secrets

The Business of Secrets: Adventures in Selling Encryption Around the World by Fred Kinch May 24, 2024 From the vantage point of today, it's surreal reading about the commercial cryptography business in the 1970s. Nobody knew anything. The manufacturers didn't know whether the cryptography they so...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/12 12:1 p.m.4 views

On Hacking Back

Former DoJ attorney John Carlin writes about hackback, which he defines thus: "A hack back is a type of cyber response that incorporates a counterattack designed to proactively engage with, disable, or collect evidence about an attacker. Although hack backs can take on various forms, they are--­b...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/11 12:8 p.m.8 views

Prompt Injection in AI Browsers

This is why AIs are not ready to be personal assistants: A new attack called 'CometJacking' exploits URL parameters to pass to Perplexity's Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar. In a realistic scenario, no...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/10 12:4 p.m.6 views

New Attacks Against Secure Enclaves

Encryption can protect data at rest and data in transit, but does nothing for data in use. What we have are secure enclaves. I've written about this before: Almost all cloud services have to perform some computation on our data. Even the simplest storage provider has code to copy bytes from an...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/07 10:1 p.m.6 views

Friday Squid Blogging: Squid Game: The Challenge, Season Two

The second season of the Netflix reality competition show Squid Game: The Challenge has dropped. Too many links to pick a few--search for it. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/07 12:1 p.m.5 views

Faking Receipts with AI

Over the past few decades, it's become easier and easier to create fake receipts. Decades ago, it required special paper and printers--I remember a company in the UK advertising its services to people trying to cover up their affairs. Then, receipts became computerized, and faking them required...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/06 12:2 p.m.23 views

Rigged Poker Games

The Department of Justice has indicted thirty-one people over the high-tech rigging of high-stakes poker games. In a typical legitimate poker game, a dealer uses a shuffling machine to shuffle the cards randomly before dealing them to all the players in a particular order. As set forth in the...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/05 12:4 p.m.5 views

Scientists Need a Positive Vision for AI

For many in the research community, it's gotten harder to be optimistic about the impacts of artificial intelligence. As authoritarianism is rising around the world, AI-generated "slop" is overwhelming legitimate media, while AI-generated deepfakes are spreading misinformation and parroting...

6.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/04 12:5 p.m.5 views

Cybercriminals Targeting Payroll Sites

Microsoft is warning of a scam involving online payroll systems. Criminals use social engineering to steal people's credentials, and then divert direct deposits into accounts that they control. Sometimes they do other things to make it harder for the victim to realize what is happening. I feel li...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/03 12:5 p.m.6 views

AI Summarization Optimization

These days, the most important meeting attendee isn’t a person: It’s the AI notetaker. This system assigns action items and determines the importance of what is said. If it becomes necessary to revisit the facts of the meeting, its summary is treated as impartial evidence. But clever meeting...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/31 9:6 p.m.5 views

Friday Squid Blogging: Giant Squid at the Smithsonian

I can't believe that I haven't yet posted this picture of a giant squid at the Smithsonian. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/31 11:8 a.m.6 views

Will AI Strengthen or Undermine Democracy?

Listen to the Audio on NextBigIdeaClub.com Below, co-authors Bruce Schneier and Nathan E. Sanders share five key insights from their new book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship. What's the big idea? AI can be used both for and against the public...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/30 11:5 a.m.4 views

The AI-Designed Bioweapon Arms Race

Interesting article about the arms race between AI systems that invent/design new biological pathogens, and AI systems that detect them before they're created: The team started with a basic test: use AI tools to design variants of the toxin ricin, then test them against the software that is used ...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/29 11:9 a.m.6 views

Signal’s Post-Quantum Cryptographic Implementation

Signal has just rolled out its quantum-safe cryptographic implementation. Ars Technica has a really good article with details: Ultimately, the architects settled on a creative solution. Rather than bolt KEM onto the existing double ratchet, they allowed it to remain more or less the same as it ha...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/28 11:1 a.m.4 views

Social Engineering People’s Credit Card Details

Good Wall Street Journal article on criminal gangs that scam people out of their credit card information: Your highway toll payment is now past due, one text warns. You have U.S. Postal Service fees to pay, another threatens. You owe the New York City Department of Finance for unpaid traffic...

6.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/27 3:3 p.m.3 views

Louvre Jewel Heist

I assume I don't have to explain last week's Louvre jewel heist. I love a good caper, and have like many others eagerly followed the details. An electric ladder to a second-floor window, an angle grinder to get into the room and the display cases, security guards there more to protect patrons tha...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/27 11:8 a.m.11 views

First Wap: A Surveillance Computer You’ve Never Heard Of

Mother Jones has a long article on surveillance arms manufacturers, their wares, and how they avoid export control laws: Operating from their base in Jakarta, where permissive export laws have allowed their surveillance business to flourish, First Wap's European founders and executives have quiet...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/24 9:7 p.m.5 views

Friday Squid Blogging: “El Pulpo The Squid”

There is a new cigar named "El Pulpo The Squid." Yes, that means "The Octopus The Squid." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/24 11:1 a.m.4 views

Part Four of The Kryptos Sculpture

Two people found the solution. They used the power of research, not cryptanalysis, finding clues amongst the Sanborn papers at the Smithsonian's Archives of American Art. This comes as an awkward time, as Sanborn is auctioning off the solution. There were legal threats--I don't understand their...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/23 11:4 a.m.7 views

Serious F5 Breach

This is bad: F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a "sophisticated" threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a "long-term." Security researchers who have...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/22 11:3 a.m.5 views

Failures in Face Recognition

Interesting article on people with nonstandard faces and how facial recognition systems fail for them. Some of those living with facial differences tell WIRED they have undergone multiple surgeries and experienced stigma for their entire lives, which is now being echoed by the technology they are...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/21 11:7 a.m.4 views

A Cybersecurity Merit Badge

Scouting America formerly known as Boy Scouts has a new badge in cybersecurity. There's an image in the article; it looks good. I want one...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/20 11:0 a.m.7 views

Agentic AI’s OODA Loop Problem

The OODA loop --for observe, orient, decide, act--is a framework to understand decision-making in adversarial situations. We apply the same framework to artificial intelligence agents, who have to make their decisions with untrustworthy observations and orientation. To solve this problem, we need...

7.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/17 9:2 p.m.6 views

Friday Squid Blogging: Squid Inks Philippines Fisherman

Good video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/17 11:3 a.m.8 views

A Surprising Amount of Satellite Traffic Is Unencrypted

Here's the summary: We pointed a commercial-off-the-shelf satellite dish at the sky and carried out the most comprehensive public study to date of geostationary satellite communication. A shockingly large amount of sensitive traffic is being broadcast unencrypted, including critical infrastructur...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/16 11:6 a.m.6 views

Cryptocurrency ATMs

CNN has a great piece about how cryptocurrency ATMs are used to scam people out of their money. The fees are usurious, and they're a common place for scammers to send victims to buy cryptocurrency for them. The companies behind the ATMs, at best, do not care about the harm they cause; the profits...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/15 11:2 a.m.5 views

Apple’s Bug Bounty Program

Apple is now offering a $2M bounty for a zero-click exploit. According to the Apple website: Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards, expanded research categories, and a flag system for researchers to objectively demonstrat...

7.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/14 4:1 p.m.4 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Nathan E. Sanders and I will be giving a book talk on Rewiring Democracy at the Harvard Kennedy School’s Ash Center in Cambridge, Massachusetts, USA, on October 22, 2025, at noon ET. Nathan E. Sanders and I will be speaking and...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/14 11:9 a.m.3 views

The Trump Administration’s Increased Use of Social Media Surveillance

This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US: The administration has also adapted its methods of social media surveillance. Though agencies like the State Department have gathered millions of handles and monitored political...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/13 4:36 p.m.3 views

Rewiring Democracy is Coming Soon

My latest book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship , will be published in just over a week. No reviews yet, but you can read chapters 12 and 34 of 43 chapters total. You can order the book pretty much everywhere, and a copy signed by me here. Pleas...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/13 11:4 a.m.4 views

AI and the Future of American Politics

Two years ago, Americans anxious about the forthcoming 2024 presidential election were considering the malevolent force of an election influencer: artificial intelligence. Over the past several years, we have seen plenty of warning signs from elections worldwide demonstrating how AI can be used t...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/10 9:2 p.m.7 views

Friday Squid Blogging: Sperm Whale Eating a Giant Squid

Video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/10 11:6 a.m.8 views

Autonomous AI Hacking and the Future of Cybersecurity

AI agents are now hacking computers. They're getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation, and hack autonomously, at computer speeds and scale. This is going to change everything. Over the summer,...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/08 4:10 p.m.4 views

Flok License Plate Surveillance

The company Flok is surveilling us as we drive: A retired veteran named Lee Schmidt wanted to know how often Norfolk, Virginia's 176 Flock Safety automated license-plate-reader cameras were tracking him. The answer, according to a U.S. District Court lawsuit filed in September, was more than four...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/07 11:4 a.m.4 views

AI-Enabled Influence Operation Against Iran

Citizen Lab has uncovered a coordinated AI-enabled influence operation against the Iranian government, probably conducted by Israel. Key Findings A coordinated network of more than 50 inauthentic X profiles is conducting an AI-enabled influence operation. The network, which we refer to as...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/06 11:6 a.m.5 views

AI in the 2026 Midterm Elections

We are nearly one year out from the 2026 midterm elections, and it's far too early to predict the outcomes. But it's a safe bet that artificial intelligence technologies will once again be a major storyline. The widespread fear that AI would be used to manipulate the 2024 US election seems rather...

6.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/03 9:5 p.m.7 views

Friday Squid Blogging: Squid Overfishing in the Southwest Atlantic

Article. Report...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/02 4:19 p.m.4 views

Daniel Miessler on the AI Attack/Defense Balance

His conclusion: Context wins Basically whoever can see the most about the target, and can hold that picture in their mind the best, will be best at finding the vulnerabilities the fastest and taking advantage of them. Or, as the defender, applying patches or mitigations the fastest. And if you’re...

7AI score
Exploits0
Total number of security vulnerabilities2978