From Schneier on Security
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration
…
B. Schneier| February 29, 2024
NIST has released version 2.0 of the Cybersecurity Framework:
The CSF 2.0, which supports implementation of the National Cybersecurity Strategy, has an expanded...Bruce Schneier From Schneier on Security | March 1, 2024 at 07:08 AM
In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would...Bruce Schneier From Schneier on Security | February 28, 2024 at 07:02 AM
Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. I-Soon sells hacking and espionage services to Chinese...Bruce Schneier From Schneier on Security | February 27, 2024 at 07:03 AM
Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST...Bruce Schneier From Schneier on Security | February 26, 2024 at 07:04 AM
There are correlations between the populations of the Illex Argentines squid and water temperatures.
As usual, you can also use this squid post to talk about the...Bruce Schneier From Schneier on Security | February 23, 2024 at 05:04 PM
New research:
LLM Agents can Autonomously Hack Websites
Abstract: In recent years, large language models (LLMs) have become increasingly capable and can now interact...Bruce Schneier From Schneier on Security | February 23, 2024 at 11:14 AM
Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and it’s really impressive.
Which means a lot...Bruce Schneier From Schneier on Security | February 22, 2024 at 12:08 PM
First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. And thisCory...Bruce Schneier From Schneier on Security | February 21, 2024 at 07:08 AM
Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities.
From their...Bruce Schneier From Schneier on Security | February 20, 2024 at 07:02 AM
The European Court of Human Rights has ruled that breaking end-to-end encryption by adding backdoors violates human rights:
Seemingly most critically, the [Russian]...Bruce Schneier From Schneier on Security | February 19, 2024 at 11:15 AM
It uses black beans for color and seaweed for flavor.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered...Bruce Schneier From Schneier on Security | February 16, 2024 at 05:04 PM
Good essay on software bloat and the insecurities it causes.
The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected...Bruce Schneier From Schneier on Security | February 15, 2024 at 07:04 AM
The winner of the Best Paper Award at Crypto this year was a significant improvement to lattice-based cryptanalysis.
This is important, because a bunch of NIST’s...Bruce Schneier From Schneier on Security | February 14, 2024 at 07:08 AM
Molly White—of “Web3 is Going Just Great” fame—reviews Chris Dixon’s blockchain solutions book: Read Write Own:
In fact, throughout the entire book, Dixon fails...Bruce Schneier From Schneier on Security | February 13, 2024 at 07:07 AM
Amusing story about a penguin named “Squid.”
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read...Bruce Schneier From Schneier on Security | February 9, 2024 at 05:09 PM
The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false.
Near as I can tell, a German reporter talking...Bruce Schneier From Schneier on Security | February 9, 2024 at 01:10 PM
Over on Lawfare, Jim Dempsey published a really interesting proposal for software liability: “Standard for Software Liability: Focus on the Product for Liability...Bruce Schneier From Schneier on Security | February 8, 2024 at 07:00 AM
Interesting research: “Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training“:
Abstract: Humans are capable of strategically deceptive behavior...Bruce Schneier From Schneier on Security | February 7, 2024 at 07:04 AM
A deepfake video conference call—with everyone else on the call a fake—fooled a finance worker into sending $25M to the criminals’ account.Bruce Schneier From Schneier on Security | February 5, 2024 at 11:10 AM