Schneier on Security

Clive Robinson • July 7, 2025 3:22 AM

@ ALL,

First Work against the wall come AI

There is a debate / discussion going on about who’s job is likely to fet significantly changed / obliterated by current LLM and ML systems.

I’ve already pointed out that “Language Models” lack not just awareness of their environment but the inability to gain it. And it’s not just through “lack of agency” (though it does not help).

Thus non repetitive manual trades or skills are not going to get hit except “on the admin side”.

I’ve noted that there are many administrative “make work” jobs and logically they would be almost trivial to replace… But being “make work” usually means “there is a political –small or big P– reason for the jobs existence”.

However there are exceptions, we’ve already seen this in the decline of low end “guard labour” jobs as CCTV and facial recognition takes over… However those that remain are for “the physical aspects” of deterrent or where static systems are not possible. It’s unlikely this will change for a while because of legal reasons. Disable a human guard and that ranges from assault through kidnapping to murder, all of which are “serious crimes against the person” so have significant criminal penalties. However spray paint a CCTV, break it, or steal it, and those are generally “minor crimes against property” currently. Authority uses “asymmetry of power” in “Might is Right” assumptions in the use of human guard labour. However the legislative process on technology is way behind on this “might is right” asymmetry (expect this to change fairly quickly and with very broad scope).

I don’t really expect “true creative” work to be replaced but “generic or in a style” work will get hit quite hard as it’s fairly easy for LLM and ML systems to be “formulaic + noise”. Thus “copy work” is going to get hit and that effects generic architecture / design / engineering.

The argument against this is usually along the lines of “learned regulations and legislation” being a major and important part of the work.

Unfortunately that’s a faux-argument. It does not take long to realise that “Professions” such as Law, Accountancy, Medicine, architecture, and regulated design are all “formulaic” and it’s something that back in the 1980’s the idea of “Expert Systems” drove the nail in the lid well and truly.

But worse for corporations, nearly all lawful senior management actions are “formulaic” and “heavily regulated”… Thus ideal to be replaced by LLM and ML systems.

So who’s work is safe?

As I’ve mentioned “original creative work” is not something current language based systems are going to replace any time soon if ever due to “view of environment” in a meaningful way…

But somebody has made similar observations and said it in a much more creative way,

“Thesis: interesting work (i.e., work worth doing) is less amenable to the use of AI than … non-interesting work.”

https://remark.ing/rob/rob/Thesis-interesting-work-ie

It’s an essential point that the AGI Hypers and similar trying to keep the bubble inflated are desperately trying to stop people realising.

So if you want to keep your job, you kind of need to make a major part,

1, Bespoke creative.
2, Uniquely creative.
3, Fit human perception.
4, As free from formulaic as reasonably possible.

And those points kind of mean “do what Language Model AI can not do”.

If you feel your software can be written by an LLM in the otherwise interesting “mid point” where all the creative stuff happens, then I would politely suggest you need to “up your game” or “move jobs whilst you still can”.

Clive Robinson • July 9, 2025 6:10 AM

@ Bruce, ALL

eSIM insecurities found

https://security-explorations.com/esim-security.html

“The hack proves that our research on Java Card from 2019 did matter. Oracle indicated the vulnerabilities we reported to the company in 2019 were rather irrelevant (the company referred to them as “security concerns”) / did not affect their production Java Card VM. These are now proved to be real bugs.”

So a half decade or so old vulnerability that “Oracle” unsurprisingly poo-pooed/down played[1].

The rest of the information is a little technical, kind of the equivalent of talking about “how to pick the lock” to a barn full of prized horses.

However the thing to note is,

“we see no base for extending MNO trust beyond its own network”

With MNO meaning the “Mobile Network Operator” or “service provider” in other parlance.

Or put another way

“Do not use the mobile network for any security related activities”

So no “side channel authentication” or “financial or other transactions” etc…

As for secure messaging apps, well some of them are built on the assumption the MNO gives a trustworthy foundation that it now obviously does not.

[1] Oracle has a long and significant history of having multiple security vulnerabilities, but from the very top claiming knowingly and falsely that they had the best security… Even going as far at one point to threaten people with DMCA or equivalent violations if they produced or went looking for vulnerabilities in Oracle code.

Clive Robinson • July 10, 2025 7:09 PM

@ Bruce, ALL,

At last a real ROI on Current AI

This has realy put a grin on my face,

https://www.theregister.com/2025/07/10/ai_agents_automatically_steal_cryptocurrency/

Two Universities nearly poles apart have collaborated on an AI project that goes through WEB 3.0 Smart Contracts to work out how to in effect defraud them,

“Researchers with University College London (UCL) and the University of Sydney (USYD) in Australia have devised an AI agent that can autonomously discover and exploit vulnerabilities in so-called smart contracts.”

“Using AI models to generate exploits for cryptocurrency contract flaws appears to be a promising business model, though not necessarily a legal one.”

Begs the old statement those Crypto Bros used to regurgitate on faith,

“Code is law”

Is far from true, it’s just taking time for legislation to play “catch up”.

Worse with the quoted “Crime and Punishment” figures lookin rather more than a little sparse,

“The risk of imprisonment may shift calculations somewhat. But given the current regulatory climate in the US and an estimated cybercrime enforcement rate of 0.05 percent, it would be a small risk adjustment”

Suggests that the odds of getting away with it are good…

Clive Robinson • July 11, 2025 2:52 AM

@ Bruce, ALL,

Productivity drops with use of AI in development

https://metr.org/blog/2025-07-10-early-2025-ai-experienced-os-dev-study/

To be honest the results of,

“Core Result

When developers are allowed to use AI tools, they take 19% longer to complete issues—a significant slowdown that goes against developer beliefs and expert forecasts. This gap between perception and reality is striking: developers expected AI to speed them up by 24%, and even after experiencing the slowdown, they still believed AI had sped them up by 20%.”

Do not in the least surprise me as I’ve seen similar before, and will almost certainly see it again in the future as with all “toy technology introduction”.

Thus it’s something that might at some point show advantages, but not before significant changes are made.

Clive Robinson • July 15, 2025 12:27 PM

@ fib,

With regards,

“The article never mentions any punishment or accountability for the person who caused the breach.”

From other sources I gather the answer is none or a little bit of retraining, and it is a chain of events not an individual event.

Put together from snippets,

A person was given what appeared to them to be a short list of names in spreadsheet form that “had to be verified”. So they sent out a copy to an appropriate checking agent as part of their assigned work.

Only the list was not what it appeared to be. That was it was a limited view into a much larger background list… Which ment in reality it was near a “full list” containing thousands of names that you could see by just changing the view…

The list then got sent to others etc and a member of the press got to hear about it or a copy of it and started their own “verification” process by “asking questions”.

At which point the panic started.

Due to the “nuclear option” the “superinjunction” is, people started removing information from what had been available to view.

As I’ve mentioned before there is,

1, Data / Information
2, Meta data / information about information
3, Meta meta data / information about meta data and data.

It’s the latter you need to get your head around. Because “a hole in data” or a “change in sequence”, time, pace, length etc etc can be just as informative, sometimes more so than the actual “information”.

There is a story about the First Gulf War, that the first people to know it was happening outside the “oh so secret” areas of US Government / Mil were the Pizza Delivery people that had more orders than they had ever had on a single night and they were all going to just a few “locations” that were “known” to be Mil / Gov places.

Well the sudden speedy deliveries out of the Pizza places was “Meta-Meta-Data” to anyone else trying to get a pizza that night.

So would have been the Credit Card info at the bank checking and payment center. Likewise if it was collected back then “phone call data”.

There is only so much you can do to keep such things hidden from public view or even confidential.

Meta-Meta-Data is beginning to scare people at the tops of certain agencies etc. Because it’s a,

“Damned if you do Damned if you don’t”

Type intelligence event.

To see why consider all aircraft not on “millitary activities” are supposed to have ADS-B transponders powered up at all times to prevent collisions etc.

Now if you are on “millitary activities” then yes your ADS-B can be turned off BUT Mil-ATC via NOTAMs and Civ-ATC are supposed to “keep other aircraft away” again to prevent collisions etc.

The problem is the ADS-B on civil aircraft paint a picture in the sky and on the displays of computers and web pages. So… If you divert Civil flights then it easily shows up as a “hole in ordinary activity”…

So anyone knowing “what’s on the ground” etc in those areas can make a “situational assessment” and in effect do “2+2=hmm that’s odd” or worse.

Meta-Meta-Data is one of the reasons that randomising data via encryption fails as it falls to “traffic analysis”, likewise randomising meta-data fails as it falls to Meta-Meta-Data analysis as well. Trying to randomise Meta-Meta-Data is let’s just say difficult if not impossible for a great many reasons, not least of which are the laws of nature (work requires energy differential and movement, work is inefficient, thus waste heat occurs, that can only end up dissipated in the environment at some point due to entropy otherwise work ceases as the differential diminishes).

Clive Robinson • July 17, 2025 6:41 AM

@ lurker, fib,

With regards,

<

blockquote>”the govt obtained a super-injunction to “hide” the event -after- some of the data had already appeared on Facebook.”

<

blockquote>

The history of stopping “secrets” getting into the news has a long history in the UK…

First up there were various misuses of other legislation on the “stretch to fit you up” basis.

Then came the “Defence Of the Realm Act”(DORA) that gave us “D Notices” that whilst “advisory” often got treated by ministers and editors as some sort of pact. These kind of ended when certain journal editors just ignored “the invitations” and published. Not much later editors passed the story to a subsiduary entirely outside the UK and sometimes Commonwealth. So D Notices got kind of relegated.

There are various bits in both versions of the “Official Secrets Acts” but they became incredibly embarrassing in the “Mad Maggie” era due to her misuse to try to get prosecutions of things that were quite lawful and she cared not who she attempted to destroy (maybe a certain “King burger muncher” took lessons via the Ray-Gun 😉

But in more recent times with “footballer’s Wives” image issues the rise of civil injunctions has arisen…

Yes they are “civil law” but they have “contempt of court” hanging over them that is worse than “criminal law” when it comes to defending yourself (put simply there is no defence that a judge can not dismiss to find you guilty, the only restraint is their bringing the profession into disrepute, which as you can imagine suffers from “The Old Boy Network” issue.

But Super Injunctions are different, because they are “magical” and cast a pawl across the world,

The first bit of magic, is that unlike for ordinary injunctions the very fact that the process has been started is secret and must not be reported. This causes an issue that you can be unintentionally in contempt. Because if you have no knowledge of the procedings you can not know they are in progress and protected. This has a “chilling effect” on “free speech” and “honest reporting”.

Consider someone gets to hear that you might be investigating a story. They get a third party “to hint” that a super injunction is in play even when one is not.

The second bit of magic is an injunction is against certain things and each can be challenged and struck down. The super injunction due to “maintaining secrecy” is very broad as it’s the process that is protected. So even challenging a part does not get you anywhere you have to “destroy the whole” there is no “death by a thousand cuts” where you pick of a bit at a time.

Supposadly the requirments for a super injunction are much higher than for an ordinary injunction to stop the process from being abused… However “the crown and it’s agents” are automatically considered not to be abusers.

But also they have the “National Security” card they can play, in that they are not required to disclose facts to the court only approved court officers in closed session as “in camera”.

It is derived from a Latin phrase meaning “in private” or “in chambers” and it is seldom used in most legal cases because it is to call for proceedings conducted without public access. In the case of National Security it means that even a defendant and their legal representatives are refused access and sometimes even the judge… Who in effect gets directed by a “crown approved agent”. It is without doubt an abuse of basic principles of justice.

So given the low bar on entry given to the crown and the high bar on challenge to all others superinjunctions for “Official Secrecy” has a certain attraction. Add to that you are guilty no matter where you are in the world it kills off the likes of “Spy-Catcher” events where publishing was outside of legal jurisdiction thus could not be stopped and the usual “Blackmail by officialdom” was not going to work.

The fact that some of the information was already in the public domain was irrelevant…

As a third bit of magic is super injunctions effectively become “retrospective”… That is they protect the whole process in secrecy thus anything put up on say a blog prior to a super injunction being started or granted is covered and thus must be made “unpublic” in some way.

This obviously falls into the natural hole that Meta-Meta-Data is and it’s something that the legal profession has trouble getting it’s head around.

There is the old saw of,

“Nature abhorres a vacuum”

Well it’s even worse for Information systems. It’s now generally accepted in ICT Forensics that information is like a geological structure. You just can not remove or replace bits of information without creating sink holes and surface subsidence which almost always shows up rather embarrassingly.