Recent articles
April 9, 2026
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop:
In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings.
The tech giant’s “lack ...
www.schneier.com
April 8, 2026
Python Supply-Chain Compromise
This is news:
A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8. The published wheel contains a malicious .pth file (litellm_init.pt...
www.schneier.com
April 7, 2026
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it migh...
www.schneier.com
April 7, 2026
Hong Kong Police Can Force You to Reveal Your Encryption Keys
According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer, phone, hard drives, etc.—even if you are just transiting the airport.
In a secu...
www.schneier.com
April 6, 2026
New Mexico’s Meta Ruling and Encryption
Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption, and security in general:
If the “design choices create liability” ...
www.schneier.com
April 6, 2026
Google Wants to Transition to Post-Quantum Cryptography by 2029
Google says that it will fully transition to post-quantum cryptography by 2029. I think this is a good move, not because I think we will have a useful quantum computer anywhere near that year, but ...
www.schneier.com
April 3, 2026
Friday Squid Blogging: Jurassic Fish Chokes on Squid
Here’s a fossil of a 150-million year old fish that choked to death on a belemnite rostrum: the hard, internal shell of an extinct, squid-like animal.
Original paper.
As usual, you can also use thi...
www.schneier.com
April 3, 2026
Company that Secretly Records and Publishes Zoom Meetings
WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link) the recordings. It doesn’t use the Zoom record feature, so Zoom ca...
www.schneier.com
April 2, 2026
US Bans All Foreign-Made Consumer Routers
This is for new routers; you don’t have to throw away your existing ones:
The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that cou...
www.schneier.com
April 2, 2026
Possible US Government iPhone Hacking Tool Leaked
Wired writes (alternate source):
Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes fi...
www.schneier.com
April 1, 2026
Is “Hackback” Official US Cybersecurity Strategy?
The 2026 US “Cyber Strategy for America” document is mostly the same thing we’ve seen out of the White House for over a decade, but with a more aggressive tone.
But one sentence stood out: “We will...
www.schneier.com
April 1, 2026
A Taxonomy of Cognitive Security
Last week, I listened to a fascinating talk by K. Melton on cognitive security, cognitive hacking, and reality pentesting. The slides from the talk are here, but—even better—Menton has a long essay...
www.schneier.com
March 31, 2026
Inventors of Quantum Cryptography Win Turing Award
Charles Bennett and Gilles Brassard have won the 2026 Turing Award for inventing quantum cryptography.
I am incredibly pleased to see them get this recognition. I have always thought the technology...
www.schneier.com
March 30, 2026
Apple’s Camera Indicator Lights
A thoughtful review of Apple’s system to alert users that the camera is on. It’s really well-designed, and important in a world where malware could surreptitiously start recording.
The reason it’s ...
www.schneier.com
March 27, 2026
Friday Squid Blogging: Bioluminescent Bacteria in Squid
The Hawaiian bobtail squid has bioluminescent bacteria.
www.schneier.com
March 26, 2026
As the US Midterms Approach, AI Is Going to Emerge as a Key Issue Concerning Voters
In December, the Trump administration signed an executive order that neutered states’ ability to regulate AI by ordering his administration to both sue and withhold funds from states that try to do...
www.schneier.com
March 25, 2026
Sen. Wyden Warns of Another Section 702 Abuse
Sen. Ron Wyden is warning us of an abuse of Section 702:
Wyden took to the Senate floor to deliver a lengthy speech, ostensibly about the since approved (with support of many Democrats) nomination ...
www.schneier.com
March 24, 2026
Team Mirai and Democracy
Japan’s election last month and the rise of the country’s newest and most innovative political party, Team Mirai, illustrates the viability of a different way to do politics.
In this model, technol...
www.schneier.com
March 23, 2026
Microsoft Xbox One Hacked
It’s an impressive feat, over a decade after the box was released:
Since reset glitching wasn’t possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with...
www.schneier.com
March 20, 2026
Friday Squid Blogging: Jumbo Flying Squid in the South Pacific
The population needs better conservation.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Blog moderation policy.
www.schneier.com
March 20, 2026
Proton Mail Shared User Information with the Police
404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI.
It’s metadata—payment information related to a particular account—but ...
www.schneier.com
March 19, 2026
Hacking a Robot Vacuum
Someone tries to remote control his own DJI Romo vacuum, and ends up controlling 7,000 of them from all around the world.
The IoT is horribly insecure, but we already knew that.
www.schneier.com
March 18, 2026
Meta’s AI Glasses and Privacy
Surprising no one, Meta’s new AI glasses are a privacy disaster.
I’m not sure what can be done here. This is a technology that will exist, whether we like it or not.
Meanwhile, there is a new Andro...
www.schneier.com
March 17, 2026
South Korean Police Accidentally Post Cryptocurrency Wallet Password
An expensive mistake:
Someone jumped at the opportunity to steal $4.4 million in crypto assets after South Korea’s National Tax Service exposed publicly the mnemonic recovery phrase of a seized cr...
www.schneier.com
March 16, 2026
Possible New Result in Quantum Factorization
I’m skeptical about—and not qualified to review—this new result in factorization with a quantum computer, but if it’s true it’s a theoretical improvement in the speed of factoring large numbers wit...
www.schneier.com
March 13, 2026
Friday Squid Blogging: Increased Squid Population in the Falklands
Some good news: squid stocks seem to be recovering in the waters off the Falkland Islands.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t c...
www.schneier.com
March 13, 2026
Academia and the “AI Brain Drain”
In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher this year, to $650 billion, to...
www.schneier.com
March 12, 2026
iPhones and iPads Approved for NATO Classified Data
Apple announcement:
…iPhone and iPad are the first and only consumer devices in compliance with the information assurance requirements of NATO nations. This enables iPhone and iPad to be used with ...
www.schneier.com
March 11, 2026
Canada Needs Nationalized, Public AI
Canada has a choice to make about its artificial intelligence future. The Carney administration is investing $2-billion over five years in its Sovereign AI Compute Strategy. Will any value generate...
www.schneier.com
March 10, 2026
Jailbreaking the F-35 Fighter Jet
Countries around the world are becoming increasingly concerned about their dependencies on the US. If you’ve purchase US-made F-35 fighter jets, you are dependent on the US for software maintenance...
www.schneier.com