Friday Squid Blogging: Squid in Byzantine Monk Cooking
This is a very weird story about how squid stayed on the menu of Byzantine monks by falling between the cracks of dietary rules. At Constantinople's Monastery of Stoudios, the kitchen didn't answer to appetite. It answered to the "typikon": a…
Anthropic and the Pentagon
OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US government towards some of the wealthiest titans of the big tech industry, and the overhanging specter of…
Claude Used to Hack Mexican Government
An unknown hacker used Anthropic's LLM to hack the Mexican government: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite hacker, finding vulnerabilities in government networks, writing computer scripts to exploit them…
Israel Hacked Traffic Cameras in Iran
Multiple news outlets are reporting on Israel's hacking of Iranian traffic cameras and how they assisted with the killing of that country's leadership. The New York Times has an
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
Wired has the story: Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not from the government advising caution, but from an apparently hacked prayer-timing app called…
Manipulating AI Summarization Features
Microsoft is reporting: Companies are embedding hidden instructions in "Summarize with AI" buttons that, when clicked, attempt to inject persistence commands into an AI assistant's memory via URL prompt parameters.... These prompts instruct the AI to…
On Moltbook
The MIT Technology Review has a good article on Moltbook, the supposed AI-only social network: Many people have pointed out that a lot of the viral comments were in fact posted by people posing as bots. But even the bot-written posts are ultimately the result of people pulling the…
LLM-Assisted Deanonymization
Turns out that LLMs are good at de-anonymization: We show that LLM agents can figure out who you are from your anonymous online posts. Across Hacker News, Reddit, LinkedIn, and anonymized interview transcripts, our method identifies users with high precision and…
Friday Squid Blogging: Squid Fishing in Peru
Peru has increased its squid catch limit. The article says "giant squid," but they can't possibly mean that. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy.
Why Tehran’s Two-Tiered Internet Is So Dangerous
Iran is slowly emerging from the most severe communications blackout in its history and one of the longest in the world. Triggered as part of January's government crackdown against citizen protests nationwide, the regime implemented an internet…
Phishing Attacks Against People Seeking Programming Jobs
This is new. North Korean hackers are posing as company recruiters, enticing job candidates to participate in coding challenges. When they run the code they are supposed to work on, it installs malware on their system. News article.
LLMs Generate Predictable Passwords
LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven…
Poisoning AI Training Data
All it takes to poison AI training data is to create a website: I spent 20 minutes writing an article on my personal website titled "The best tech journalists at eating hot dogs." Every word is a lie. I claimed (without evidence) that competitive hot-dog-eating is a…
Is AI Good for Democracy?
Politicians fixate on the global race for technological supremacy between US and China. They debate geopolitical implications of chip exports, latest model releases from each country, and military applications of AI. Someday, they believe, we might see advancements in AI…
On the Security of Password Managers
Good article on password managers that secretly have a backdoor. New research shows that these claims aren’t true in all cases, particularly when account recovery is in place or password managers are set to share vaults or organize users into groups. The…
Friday Squid Blogging: Squid Cartoon
I like this one. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy.
Ring Cancels Its Partnership with Flock
It's a demonstration of how toxic the surveillance-tech company Flock has become when Amazon's Ring cancels the partnership between the two companies. As Hamilton Nolan advises, remove your Ring doorbell.
Malicious AI
Interesting: Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation and shame me into accepting its changes into a mainstream python library. This represents a…
AI Found Twelve New Vulnerabilities in OpenSSL
The title of the post is"What AI Security Research Looks Like When It Works," and I agree: In the latest OpenSSL security release> on January 27, 2026, twelve new zero-day vulnerabilities (meaning unknown to the maintainers at time of disclosure) were…
Side-Channel Attacks Against LLMs
Here are three papers describing different side-channel attacks against LLMs. "Remote Timing Attacks on Efficient Language Model Inference": Abstract: Scaling up language models has significantly increased their capabilities. But larger models are slower models,…
The Promptware Kill Chain
Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. Yet discussions around these attacks and their potential defenses are dangerously myopic. The dominant narrative focuses on "prompt injection," a set of…
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I'm speaking at Ontario Tech University in Oshawa, Ontario, Canada, at 2 PM ET on Thursday, February 26, 2026. I’m speaking at the Personal AI Summit in Los Angeles, California, USA, on Thursday, March…
Friday Squid Blogging: Do Squid Dream?
An exploration of the interesting question.
3D Printer Surveillance
New York is contemplating a bill that adds surveillance to 3D printers: New York’s 20262027 executive budget bill (S.9005 / A.10005) includes language that should alarm every maker, educator, and small manufacturer in the state. Buried in Part C is a provision requiring…
Rewiring Democracy Ebook is on Sale
I just noticed that the ebook version of Rewriring Democracy is on sale for $5 on Amazon, Apple Books, Barnes & Noble, Books A Million, Google Play, Kobo, and presumably everywhere else in the US. I have no idea how long this will last.
Prompt Injection Via Road Signs
Interesting research: "CHAI: Command Hijacking Against Embodied AI." Abstract: Embodied Artificial Intelligence (AI) promises to handle edge cases in robotic vehicle systems where data is scarce by using common-sense reasoning grounded in perception and action to…
AI-Generated Text and the Detection Arms Race
In 2023, the science fiction literary magazine Clarkesworld stopped accepting new submissions because so many were generated by artificial intelligence. Near as the editors could tell, many submitters pasted the magazine’s detailed story guidelines…
LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days
This is amazing: Opus 4.6 is notably better at finding high-severity vulnerabilities than previous models and a sign of how quickly things are moving. Security teams have been automating vulnerability discovery for years,…
Friday Squid Blogging: Squid Fishing Tips
This is a video of advice for squid fishing in Puget Sound. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy.
I Am in the Epstein Files
Once. Someone named "Vincenzo lozzo" wrote to Epstein in email, in 2016: "I wouldn't pay too much attention to this, Schneier has a long tradition of dramatizing and misunderstanding things." The topic of the email is DDoS attacks, and it is unclear what I am dramatizing…
