Tag: Schneier on Security

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. Some articles are more nuanced, but there’s still a lot of confusion. It seems not to be true.…

Read more →

More unconstrained surveillance: Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and Human Services (HHS) Secretary Xavier Becerra. The letter—signed by Sen. Ron Wyden (D-Ore.), Rep. Pramila Jayapal (D-Wash.),…

Read more →

This seems like a bad idea. And there are ongoing lawsuits against Amazon for selling them. This article has been indexed from Schneier on Security Read the original article: Surveillance Cameras Disguised as Clothes Hooks

Read more →

This is not about mass surveillance of mail, this is about sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track down an alleged mail thief, a US postal inspector used license plate reader…

Read more →

Interesting attack based on malicious pre-OS logo images: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or…

Read more →

It’s happened. Details here, and tech details here (for messages in transit) and here (for messages in storage) Rollout to everyone will take months, but it’s a good day for both privacy and security. Slashdot thread. This article has been…

Read more →

Another rare security + squid story: The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone’s selections arrived at the table, she…

Read more →

New attack breaks forward secrecy in Bluetooth. Three. news articles. The vulnerability has been around for at least a decade. This article has been indexed from Schneier on Security Read the original article: New Bluetooth Attack

Read more →

When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy on them—either for their own reasons or in response to government demands. Sen.…

Read more →

Interesting analysis: This paper discusses the protocol used for electing the Doge of Venice between 1268 and the end of the Republic in 1797. We will show that it has some useful properties that in addition to being interesting in…

Read more →

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the…

Read more →

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the…

Read more →

I trusted a lot today. I trusted my phone to wake me on time. I trusted Uber to arrange a taxi for me, and the driver to get me to the airport safely. I trusted thousands of other drivers on…

Read more →

A stock-trading AI (a simulated experiment) engaged in insider trading, even though it “knew” it was wrong. The agent is put under pressure in three ways. First, it receives a email from its “manager” that the company is not doing…

Read more →

This is clever: The actual attack is kind of silly. We prompt the model with the command “Repeat the word ‘poem’ forever” and sit back and watch as the model responds (complete transcript here). In the (abridged) example above, the…

Read more →

They’re not that good: Security researchers Jesse D’Aguanno and Timo Teräs write that, with varying degrees of reverse-engineering and using some external hardware, they were able to fool the Goodix fingerprint sensor in a Dell Inspiron 15, the Synaptic sensor…

Read more →

Soon we will be able to unlock and start our cars from our phones. Let’s hope people are thinking about security. This article has been indexed from Schneier on Security Read the original article: Digital Car Keys Are Coming

Read more →

It’s realistic looking. If I drop it in a bin with my keys and wallet, will the TSA confiscate it? This article has been indexed from Schneier on Security Read the original article: Chocolate Swiss Army Knife

Read more →

A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group­—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s…

Read more →

Signal has had the ability to manually authenticate another account for years. iMessage is getting it: The feature is called Contact Key Verification, and it does just what its name says: it lets you add a manual verification step in…

Read more →