Comments

BEWARE! June 13, 2026 12:08 AM

“Atomic Arch”: Nearly 900 AUR Packages Backdoored with a Developer-Targeting Infostealer and eBPF Rootkit

https://thecybersecguru.com/news/atomic-arch-aur-supply-chain-attack-ebpf-rootkit/

On June 11, someone going by the username arojas spent what was probably a quiet afternoon methodically adopting orphaned Arch User Repository packages and injecting them with malware. By the time the community caught on, 408 packages were already compromised. By the time this piece was being written, that number had crossed 900 and is still climbing.

Sonatype researchers have named the campaign Atomic Arch. It’s one of the largest AUR supply chain incidents on record, and the technical sophistication of the payload puts it well beyond your average package repository drive-by.

s h o r t u r l . at / tSogd June 13, 2026 12:19 PM

Quite interesting when the guy mentions how the federa1 judg3$ in 1dah0 are corrupt when they grab cases where their personal friend, the prosecutor, is being sued, – how out of thin air – FRED THE FED SHOWS UP HERE ON THIS BLOG TO TELL THE GUY HOW HE POSTS “FAKES” HERE ON THIS BLOG AND HOW HE “1NC1TE$” SO THIS IS HOW THEY DO DAMAGE CONTROL IN 1DAH0.

s h o r t u r l . at / tSogd

where in the world is duh frenchie June 13, 2026 12:21 PM

anybody seen the french spy in 1dah0?

1800-CALL-FRENCHIE

Clive Robinson June 14, 2026 5:43 AM

@ ALL

“FUD marketing backfire for Anthropic?”

As I suspect most will know Anthropic started Project Mythos that they said was so dangerous only vetted organisations could access it through Project Glasswing.

Which justifiably earned quite a bit of negative comments that in quite a few cases boiled down to,

“Wasting everyone’s time.”

Meanwhile Anthropic created Project Fable that was similar but importantly was designed for public use. Thus was surrounded on input and output by guardrails for “Cyber and biological”. Which earned further derision from cyber security users,

https://techcrunch.com/2026/06/10/cybersecurity-researchers-arent-happy-about-the-guardrails-on-anthropics-fable/

Again it’s fairly common knowledge that Anthropic has “earned a black mark” with the US Dept of War –as Trumpeta renamed it– for declining to allow its LLMs to be used for potentially targeting school children or civilians as has happened with the Israeli IDF.

All this was “Goody, goody, joy, joy” for Sam Altman who jumped OpenAI into the potential “kiddy slaughter” game for a handful of shekels and a rising star on the chart in Trumpeta’s inner sanctum.

Now is the news that late on Friday the US Executive slapped Anthropic down again by banning the worldwide use of both Mythos 5 and Fable 5,

https://techcrunch.com/2026/06/12/anthropics-safety-warnings-may-have-just-backfired-the-government-has-pulled-the-plug-on-its-most-powerful-ai/

As I warned the problem with guardrails on the inputs and outputs of LLMs is that they,

“There is proof they can always be defeated!”

(Due to the “observer problem”)

So “prompt injection” etc attacks will always be able to “get through”.

Well it’s now being indicated that one of the Project Glasswing members “Amazon” has found such an attack and informed not Anthropic but the US Government Executive and the Worldwide Ban was issued,

https://techcrunch.com/2026/06/13/amazon-ceo-reportedly-raised-anthropic-model-concerns-before-government-crackdown/

Whatever the “real reason” supposedly is Anthropic certainly are getting it in the neck from the US Executive…

I guess the “Wait and see” question that arises will be,

“How will Sam Altman jump OpenAI in on this latest Anthropic misfortune?”

For those old enough to remember the 1960’s protest movements I’m reminded of some words from Arlo Guthrie’s “Alice’s Restaurant” where he tries to “dodge the draft” by pretending to be mad in the recruiting office but instead gets a medal.

See Verses 14, 15, and 23,

https://genius.com/Arlo-guthrie-alices-restaurant-massacree-lyrics

Only Sam Altman is not pretending…

Or if you have the time this Sunday sit down and relax and listen to it, it’s still popular after 60 years,

https://m.youtube.com/watch?v=LNLE5z7jNaM

r June 14, 2026 5:58 AM

what i find odd, is the talk of “moratoriums” with respect to the LLM development process. i don’t believe for a second that development will stop even for a week, if one company falls behind on the race for the bomb it’s over: divestment and cannibalism.

Samsonite! I was way off! I knew it started with an S, though June 14, 2026 5:58 AM

Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet

https://www.theregister.com/security/2026/06/12/microsoft-has-mostly-repaired-flaw-in-surface-hardware-that-allowed-unprotected-devices-to-be-bricked-by-a-single-packet/5253895

For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the hardware to be bricked with a single packet, though only for those who have disabled Secure Core and Secure Boot.

And the company’s Copilot AI software inadvertently helped identify the faulty firmware.

According to Jack Darcy, a security researcher based in Australia, his instance of Microsoft Copilot stumbled across the bug after being asked to adjust the screen backlighting on a Surface device. The Copilot-conjured Python script ended up rendering the researcher’s laptop inoperable by overwriting the embedded controller firmware.

sugar cane toad June 14, 2026 6:33 AM

Friday Squid Blogging always feels so good. I only wish the blog comments were as active as they were a few years ago. ^_^

Robin June 14, 2026 8:02 AM

@Clive: thanks for the reminder of Alice’s restaurant. I believe it’s mostly true: arrested for dropping litter made him ineligible for the draft to Vietnam. The downbeat comparison of the relative gravity of the two sides of this situation is awesome.

r June 14, 2026 9:05 AM

these days posting on this site might be classified by some as aiding and abetting terrorists or antifa or anti technology nuts.

evading sanctions, restricted technologies, transfer of arms.., etc.

nobody knows until it’s brought to court and you can’t afford to defend yourself.

Clive Robinson June 14, 2026 11:29 AM

@ lurker, ALL,

“All that glistens gold is probably a passing-off fraud…”

With regards the Trumper1 and its faux look…

Many years ago I was asked by someone I happened to be working with at the time to take six white plastic phones I’d been responsible for design etc and “gold plate them” to be given as “presentation pieces” for the “Customer execs”…

I said I did not think it was a good idea because I had been involved with designing “metal plated plastics” for low cost EMC shielding for another company not that long before.

Of course I was given the usual nonsense about,

“Don’t be daft of course it will all work OK…”

From management… as I pointed out to them,

“It’s your money and product…”

When they turned up they looked really great as it had that deep gold luster look that only a layer of metal can give.

But the phones had in effect “no range” and were deafer than Ludwig if you buried him head down feet up.

Of course you can guess who management blamed…

So another set of phones had to have a “rush job” and although they worked –sort of– they looked about as tacky as the trim on Barbie’s car…

So I wonder what sort of performance loss these Gold Toy1 phones from the Master “Goldbricker”[1] himself will have…

[1] The expression “Goldbrick” in some circles can be quite derogatory and is derived from a “swindle” to “pass-off”[2] what is worthless as valuable,

https://www.collinsdictionary.com/dictionary/english/goldbrick

[2] In the UK the notion of “passing off” has another appropriate term for the Trumper,

“Putting lipstick on a pig.”

https://www.propertymavens.com.au/static/uploads/images/lipstick-on-a-pig-wfvjsacusabo.jpg

replying_to_r June 14, 2026 12:19 PM

“r” commented on June 14th 9:05 am about aiding and abetting…
This situation becomes a lot safer if we have the technologies necessary to make tracking people down harder, and to give individuals true sovereignty over their own computing activities. Nation states are always talking nowadays about sovereign AI capacity, but what we need is individually sovereign computing capacity, even if only to 2014 performance levels (guess what, with Moore’s law’s death those performance levels are basically today’s anyway). The defence against over-bearing laws, both from notionally “right”-wing government and notionally “left”-wing governments must be spaces which are difficult for governments to intrude into, the digital equivalents of mountainous realms where both pre-industrial and steam-engine-age empires feared to tread.

May I thoroughly recommend he reads all of the following:
https://www.dedoimedo.com/computers/qr-codes.html
https://dailysceptic.org/2026/06/05/googles-new-captcha-plans-will-create-a-two-tier-internet-only-accessible-to-those-with-approved-devices/
https://www.telegraph.co.uk/news/2026/06/11/labour-spyware-plan-phones-straight-out-of-north-korea/
https://blog.lopp.net/call-to-action-stop-the-fcc-kyc-regime/

This situation is coupled with an economic bubble where AI companies are snatching the entire production capacity for critical computing components, RAM, storage… And are willing to pay almost unlimited pricing for it, hence fulfilling Doctorow’s predictions of a war on general purpose computing, denying us the ability to actually own and control our own computing, the economics of this are worrying.

Bruce should speak out on these topics, we are finding ourselves in a world where the greatest security threat is governments and big-tech, the entire security engineering discipline risks becoming redundant if it ignores that dual-threat. The situation needs the public to know and for someone to work out how they can resist at scale.

Clive Robinson June 14, 2026 6:12 PM

@ Bruce, ALL,

“According to Microsoft paper LLM AI is no where near as popular as claimed.”

As someone who hardly uses Current AI LLM and ML Systems, but does use other forms of AI quite a bit (yup AI is not just “predictive text” engines).

I’m not surprised even Gen Z has such a low take up. In fact it would probably be lower, a lot lower, if “Employee performance” was not based on “How many tokens they burn through” as “Tokenmaxxing” (one really dumb variation of “management oversight” and about as sensible as “Lines of code written” as a performance measure…).

Most of my LLM use is as a side effect of using search engines fairly much as I used to.

Occasionally I test out “jailbreaking” and “prompt injection” as “research”. But due to the fact all Publicly available LLMs are basically “surveillance engines” thus “a major security risk”, I’m not going to use them for anything else. As an example of this surveillance consider that the Microsoft paper supposedly uses

“anonymized, aggregated Microsoft telemetry.”

The question you should ask is where this alleged “anonymization, and aggregation” of what would have been individual user identifiable Microsoft telemetry data happened…

Which from a security perspective, at best leaves “on premises LLMs” inside an organisation’s perimeter, that are starting to happen but “hardware requirements” for general LLMs in effect rules them out. As for Microsoft OS AI that will no doubt “still phone home” if it can.

But back to the point LLMs really are not as many are trying to portray in “popular use” for work.

Which is why this article that does not “go with the VC hype” makes interesting reading,

No, everyone is not using AI for everything.

People are consuming AI like they eat meat: some are embracing it, some are limiting their use of it, and some are avoiding it altogether.

Last year around this time the New York Times Magazine ran an A.I. issue with an introduction titled “Everyone Is Using A.I. for Everything. Is That Bad?” It’s an edited transcript from the Hard Fork podcast, which I think assumes two things are true that are turning out to be false.

1, Once you’ve tried AI, you use it “for everything.” No, in fact most people who’ve tried it are just occasional AI users.

2, AI has gotten so good that despite any misgivings, “everyone is using A.I.” No, in fact large chunks of the population aren’t using AI at all.

(It isn’t really strictly defined in the article, but I’m taking AI to mean generative AI accessible via a chat interface.)

https://gabrielweinberg.com/p/people-are-consuming-ai-like-they

Read the rest of it to get a more thoughtful point of view.

But… As I noted earlier today,

https://www.schneier.com/blog/archives/2026/06/friday-squid-blogging-squid-inspired-fluid-pump.html/#comment-455199

The Trumpesters in the Executive have just thrown a major wobbly against Anthropic Mythos 5 and Fable 5 at the behest of Amazon and OpenAI’s significant benefit.

It appears I’m not the only one to notice as a short while later this appeared,

https://garymarcus.substack.com/p/what-washington-must-do

As he points out a certain line has been crossed and it does not bode well for anyone in the US who are in the LLM game, hyping or otherwise.

Johnny June 14, 2026 7:09 PM

@ r,

[..]

nobody knows until it’s brought to court and you can’t afford to defend yourself.

Good thing I’ve mastered the art of sucking cock and taking it up the ass. I knew they would be handy skills someday. Huh. Go figure!

Clive Robinson June 16, 2026 7:07 AM

@ Bruce, ALL,

AI shifts a work dynamic balance.

Whilst people talk a lot about Current AI LLM and ML Systems making jobs disappear, thus great unemployment and economic ruin…

They point at historical work styles and methods that no longer exist[1]

Life basically rarely works that way.

What happens is “work changes” and most people change with it because the changes are not really that rapid[1]. It also helps that a lot of “work” is actually “make work” rather than “production work”.

This is one view from the production “pit / floor” about changes in software production due to Current AI LLM and ML Systems,

Reviews have become expensive, rewrites have become cheap

LLMs aren’t lazy. They don’t cut corners because a simpler solution feels good enough. If they know how to solve something thoroughly, they will.

An LLM defaults to building when it should be buying. Not because it doesn’t know about existing libraries, it often mentions them, but because for an LLM, writing two hundred lines of implementation is the same cognitive effort as writing two lines of import. There’s no instinct to reach for the shortest path. The shortest path for the model is to implement it completely.

So reviewing AI-generated code has gotten more expensive. You’re reading code that’s technically correct but over-engineered, and you have to decide whether to accept the complexity or push back. That decision takes time. Making the case in review comments takes time. And because the same thing shows up repeatedly, you’re having the same conversation over and over.

https://ishmeetbindra.com/posts/reviews-have-become-expensive-rewrites-have-become-cheap/

Read that last sentence which had “over and over” telling you that the current process is not just “inefficient” it’s a mental drag on creativity. Thus it’s an ideal candidate to be removed.

The job as such does not change but the balance within it is crossing a “tipping point”.

“Is this a good or bad thing?”

I don’t know, but history tells us it’s too late to “back out” it’s going to happen.

Also it’s going to affect other areas, security will change for one thing…

Currently the attack method of choice is through “libraries of code” that people just import from the Internet. We’ve all seen the XKCD 2347 cartoon with the arrow and “some random guy in Nebraska” comment,

https://www.explainxkcd.com/wiki/index.php/2347:_Dependency

But there is a hidden point that we know but generally don’t think about. It’s “The Kitchen Sink Problem” that library code

“Tries to be all things to all people”

to become popular. With those “alls” comes needless complexity that AI generated code does not need to produce and can be instructed not to.

With the removal of the “alls” goes a lot of not just complexity but security risk, as another security issue “code reuse” goes out the window as well.

As I asked above is it a good or bad thing, I guess it depends on your preference in footwear[2]

[1] The one that got a lot of ancient history discussion is cottage worker weavers. Few mention that those home looms being too small were the real reason large factory looms took over as those using cloth needed the wider widths of cloth.

The balance that got tipped was “sewing cut panels together” and the waste involved with it. Thus wider cloth meant not just a lot of time and labour was saved feedstock costs dropped and product reliability went up.

In more recent times back in 1973 a tipping point occurred, it was the time when office document production was most efficient. Bosses would dictate stenographers would take it down and the typing pool produce the document for “sign off” by the boss.

Technology started to change things dictation machines had been making things faster but at the expense of other areas. Computers started to make significant changes as did fax machines. Within the 1970’s mechanical typewriters were gone as had stenographers and computers and printers on/at the boss’s desk became way more common and even fax machines went the way of the dodo. Are there any less women employed in offices these days? Simple answer is “NO” it’s just that “Office Work” has “Changed For All”. The people who lost work and many retired were those who were “repair techs” on the likes of dictaphones and typewriters that had been expensive devices. The younger ones jumped ship to becoming IT techs. These days we generally do not bother fixing laptops etc, it’s less expensive and more tax efficient to send them to landfill and buy new, so even IT techs have had to “change with the times”. So now the Software folks are seeing the change in what they do. It might have taken four and a half decades to go from the first “code generators” such as “The Last One” for the Apple ][ to Current AI that “small models” can run effectively on high end laptops (look up Pi Coding Agent run privately as an example) but it was inevitable as the balance changes.

[2] The English word “sabotage” is derived from the French word for a wooden shoe / clog. Like the word “clogged” the exact route of the words is lost to history and much hypothesis. In both cases the English expression “Putting the boot in” is oft considered…

Clive Robinson June 16, 2026 10:44 AM

@ Bruce, ALL,

You are aware of what the current US executive did with regards Anthropic which resulted in Mythos 5 and Fable 5 getting pulled from use.

What was not made publicly clear was what the root cause for the hubbub was…

Well,

Feds freaked over Fable 5 after simple ‘fix this code’ prompt, not jailbreak, says researcher

According to the one person who actually read the research paper

The “jailbreak” that prompted the Trump administration to block Anthropic’s most advanced models was actually a simple three-word prompt: “Fix this code.”

That’s according to Katie Moussouris, founder and CEO of Luta Security, and the fairy godmother of bug bounties. She says she was the only outside expert to read the third-party research paper on the Fable 5 guardrail bypass techniques that prompted the ban.

https://www.theregister.com/security/2026/06/15/feds-freaked-over-fable-5-after-simple-fix-this-code-prompt-not-jailbreak-says-researcher/5255827

Which raises several questions as to what is going on, and who aside from Sam Altman over at OpenAI benefits.

r June 17, 2026 3:25 AM

personally,

and i don’t think this point has been argued yet about ML DCs: but i would prefer not live next to a future target for a nuclear weapons attack.

the only advantage to spreading them out, is it’s hard to disable a self healing redundantly distributed AGI.

no thanks.

Clive Robinson June 17, 2026 7:18 AM

@ r,

With regards,

“[I] would prefer not live next to a future target for a nuclear weapons attack.”

But you have to remember there are three basic parts to a functional Data Center,

1, Power Generation plant.
2, Bit Barn computer halls.
3, Heat dissipating cooling plant.

The war in Ukraine shows that Russia gives a high priority to destroying “Power Plant” either directly or indirectly via the “Cooling plant”. As several very expensive hypersonic missiles attacks have indicated.

Their reasoning appears to have originated as attack “easy to repair weak spots” presumably such that minimal expenditure would be required after the assumed “fast capitulation”.

However it went wrong from just about “day one” for Russia and five years down the road the Ukraine appears even less likely to capitulate. Thus Russian attacks have changed to “destroy infrastructure” no matter what the future cost. Which kind of also suggests Russia knows that capitulation is not going to happen any time soon if at all, thus they have switched to “salted earth” tactics of “bomb them back to the stone ages”.

In the US “zoning laws” are somewhat weird which means that power plant and bit barns will tend to be “inefficiently organised” by having enforced geographic separation.

Thus do you choose to live closer to power plant or bit barns?

I guess it depends on if you subscribe to the “Professor Falken” view in the 1983 film “War Games” that you choose the place you live on how close the assumed “first strike targets” are…

The fact that seniors in US troops used to refer to London and other UK locals as “ash city” during the “cold war” and Russian military intentions as “Project glass over” was not a great comfort…

However Anthropic’s Mythos and “Project Glasswing” did raise a wry grimace of remembrance in this decrepit old cold war “Awkward Squad” “part time Bleep” and “Scaley-Yomper”.

Clive Robinson June 17, 2026 8:31 AM

@ Bruce, all with QC interest,

This paper has popped up on ARXIV,

Semiclassical Gravity Efficiently Solves NP-Complete Problems

Assuming the gravitational field is classical and that it couples to quantum fields via the semiclassical Einstein field equations, we show that the weak-field dynamics of a massive and non-relativistic qubit can in principle be used to solve an NP-complete problem in polynomial time. We attribute this vast computational power to the non-linear dynamics afforded by the semiclassical Einstein field equations. Consequently, the above two assumptions entail a violation of the Physical Extended Church–Turing Thesis, which we regard as evidence for the quantization of gravity.

https://arxiv.org/abs/2606.14806

Make of it what you will…

r June 17, 2026 10:58 PM

this is a different thread than where i was going to post but most likely the more appropriate one.

drones may necessitate the dissemination of chip manufacturing technology. moore’s law may have temporarily reached a useability plateau but if the powers that be can’t control an international security technology in the next 20y we may get the opportunities to divert portions of time and silicon to manufacturing an open standard cpu and components outside of the existing channels. cpu technology is a type of printing press or typesetting machine. we can escape this walled garden, there are already small self hosted LLMs capable of designing linux compatible SBCs with off the shelf components.

without memory leaks and backdoors it is exceedingly hard to target an unknown instruction set for installation shifting the architectural mandate for access onto the compiler.

too late June 18, 2026 12:28 PM

Microsoft Working To Patch ‘RoguePlanet’ Zero-Day

https://it.slashdot.org/story/26/06/17/2030228/microsoft-working-to-patch-rogueplanet-zero-day

Microsoft on Wednesday published an advisory acknowledging the public disclosure of a vulnerability in Defender that could lead to privilege escalation. The security defect, tracked as CVE-2026-50656 (CVSS score of 7.8), was dropped last week by security researcher Nightmare Eclipse (also known as Chaotic Eclipse). “We are working to provide a high-quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available,” Microsoft adds.

RoguePlanet, Nightmare Eclipse explained last week, targets a race condition in Microsoft Defender and allows attackers to gain System privileges. The researcher released a proof-of-concept (PoC) exploit that demonstrates local privilege escalation (LPE) on Windows 11 and Windows 10 systems with the June 2026 patches installed. […] On Wednesday, Nightmare Eclipse pointed out that the PoC works regardless of whether Defender’s real-time protection is enabled or disabled. It may even work in passive mode, the researcher said.

doggy dinner June 18, 2026 12:47 PM

torget

https://github.com/mtrojnar/torget

The tool downloads large files over a locally installed Tor client by aggressively discovering a pool of fast circuits and using them in parallel. With slow servers, this strategy bypasses per-IP traffic shaping, resulting in much faster downloads.

Onion services are fully supported.

kinda major June 18, 2026 1:24 PM

FBI Surveillance Network Breached: Salt Typhoon’s Quiet War on American Law Enforcement Infrastructure
June 6, 2026

https://securityboulevard.com/2026/06/fbi-surveillance-network-breached-salt-typhoons-quiet-war-on-american-law-enforcement-infrastructure/

Salt Typhoon’s entry point into U.S. surveillance infrastructure was through the telecommunications providers themselves. The FBI did not need to be directly breached for its surveillance data to be compromised. The attackers accessed the data where it was collected and processed: at the telecom providers who execute the surveillance orders.

lurker June 18, 2026 2:17 PM

@too late

Ironic is not a strong enough word for an attack like this on software that is supposed to “defend” against attacks …

Clive Robinson June 19, 2026 8:05 AM

@ Bruce, ALL,

The Xmas Gift that keeps giving is doling out some more.

Some of you might have heard of a class of speculative attacks known as “Phantom”.

But probably not so,

Phantom: Exploiting Decoder-detectable Mispredictions

Violating the Von Neumann sequential processing principle at the microarchitectural level is commonplace to reach high performing CPU hardware — violations are safe as long as software executes correctly at the architectural interface. Speculative execution attacks exploit these violations and queue up secret-dependent memory accesses allowed by long speculation windows due to the late detection of these violations in the pipeline.

In this paper, we show that recent AMD and Intel CPUs speculate very early in their pipeline, even before they decode the current instruction. This mechanism enables new sources of speculation to be triggered from almost any instruction, enabling a new class of attacks that we refer to as Phantom.

Unlike Spectre, Phantom speculation windows are short since the violations are detected early. Nonetheless, Phantom allows for transient fetch and transient decode on all recent x86-based microarchitectures, and transient execution on AMD Zen 1 and 2.

https://dl.acm.org/doi/abs/10.1145/3613424.3614275

And now also the Apple M1 CPU that had the myth of being “a safe harbour”…

https://latesthackingnews.com/2026/06/14/apple-m1-phantom-speculation-fractal-os/

All of which in effect makes most “user” CPU’s “in class” thus vulnerable.

Underlying this discovery is MIT CSAIL, that built “Fractal” which is running at the base levels of the OS and thus is “closer to the metal” and as such does not get as disturbed by other activities / noise.

It’s now over half a decade and quickly approaching a decade since Spectre / Meltdown popped into public attention despite Intel seniors in effect trying to keep it secret whilst they sold off their shares… It even became the subject of wry humour,

https://www.explainxkcd.com/wiki/index.php/1938:_Meltdown_and_Spectre

Which explains where the name “Phantom” could have come from.

But consider the real issue that is not being solved and probably can not be if “performance” is to be retained is that the hardware design does not “clean up” adequately thus the sweepings / tailings are left…

Which are visible to other users of the CPU. So the only solution we currently have is,

“Not to share CPU’s with other users”

Which unfortunately includes the OS as the MIT work demonstrates.

The only solution we currently have is the EmSec notion of “segregation” or “Separation” (depending on which side of the puddle you are on).

Which boils down to “one task / CPU”…

Something that was fairly well discussed on this blog years before in “Castles -v- Prisons” (which got shortened to “C-v-P” then “CvP”).

But the question of deliberate backdoors in chips goes a long way with a paper from 2013,

https://www.schneier.com/blog/archives/2018/03/adding_backdoor.html/

But we’ve come to realise that the saying,

“Security -v- Efficiency”

Has real meaning at all levels of the computing stack… And it raises a question,

“Do attackers require deliberate back doors implanted, or just creative use of all the vulnerabilities trying to be more efficient has given?”

If the latter this Xmas Gift is going to keep giving and giving.
