Schneier on Security

Clive Robinson • September 7, 2025 5:02 PM

@ Tony H., ALL,

With regards,

“Am I the only one to find this amusing after years of saying just about the opposite? I mean, sure, it’s easier to secure a standalone PC than some mega-AI provider’s cloud, but all that talk of air-gaps and such”

If you ask me or pay me for advice I will still telly you “Segregation is best”

And for doing research work where the tools can run on a standalone system, it is one of the simpler cases to secure.

The problem is the MBA / Neo-Con rhetoric of “connection is everything”…

You know and I know it’s at best unwise to make a system with known vulnerabilities that all MS OS’s and Applications have “available and effectively open to the world”…

But it’s a very very rare case for management to agree.

So whilst I still say it, I also advise how to minimise the other risks.

However arguing against Mega-Corp Marketing is difficult.

Even when there are examples like Broadcom that can be pointed at, managment almost always take the route they think will make most in the short term, even if you can prove that this quarters 10% “saving” will be an increased expence of 5% or more every quarter there after…

Whilst it’s not the case “you can not win” even drawing even is going to prove to be a “No No” to managers who’s bonuses depend on these fake savings. Back when I was just a youngster there was something we called the “Snow white effect” that the likes of IBM kept pulling, but they knew there were always enough senior managers who would fall for the marketing lies..

So I say my piece where it will be listened to but these days… So I otherwise nod politely and walk away.

Clive Robinson • September 10, 2025 9:23 PM

@ Tony Hall, Bruce, ALL,

It’s funny you should say

“Am I the only one to find this amusing after years of saying just about the opposite? I mean, sure, it’s easier to secure a standalone PC than some mega-AI provider’s cloud, but all that talk of air-gaps and such”

Because, not only have I talked for years here about it, but just a few hours ago Bill McCluggage who has served as the first Chief Information Officer for the Irish Government, held the roles of Deputy UK Government CIO, Executive Director for IT Policy & Strategy in the UK Cabinet Office, Director of eGovernment and CIO in Northern Ireland, published an article.

Which is a more polite way of saying what I’ve said about the fact that corporate security was being harmed by MBA types and mega-corps pushing neo-con mantra. With the now obvious notion of “throwing open all the doors and especially windows to let anyone and everyone just walk/climb into systems and walk out with anything and everything they wanted.

Because the mantras boiled down to the nonsense of,

1, Connectivity is magical and will being success in…
2, The cost of security is worse than leaving money on the floor…
3, Securing supply and value chain costs must be minimised to the absolute minimum for “the good of the shareholders”.

Which means it is near impossible when the entire organisations “value added” in and out processes are strung so taught, there is no “slack in the system” for,

“When, not IF things go wrong.”

And several more lunatic “Rules of Mantra” the first of which that you can probably “nail a tail on” is the lunacy of Reaganism / Thatcherism era “Greed is Good, as is the Free Market”. And worse a lot worse the following “deregulation” which is now called by MAGA Mavens “cutting waste” etc. The saying “greed is good” and joke of “Lots of Wonger” are from that 1980’s time, that is before many readers here “were just twinkles in their daddies eye”.

Well those Turkeys are “Coming home to roost” and roast those who chose not to think “independently” (remember why “sub prime” was so devastating?)…

Well like a poison that stupidity was pumped into every corner of unwary organisations…

With the result,

“It’s not just that stored historic data is always a ‘poisoned pill’ that will pull you down.”

Because it is very much worse when historic data is not continuously
sanitised and stored correctly as,

“It is significantly toxic, especially as it needlessly becomes fatally attractive to those with judicial and other demands.”

The thing is people are not learning that the “cost of ensuring” historic data is “continuously sanitised and correctly stored” is immense for good reason. Thus they hang onto the incorrect “magical value” notion of historic data, whilst simultaneously trying to “slash the costs of it to a minimum”…

Thus failing to “sanitise or secure”, not just as an “on going process” but importantly when the data is inevitably acquired by others who then hold the organisation to ransom (be it legal or otherwise[1]).

I was warning about this issue “before the cloud” and that the cloud operators would hold the data and organisation hostage by the fact they had it under their control (effectively as “Dane Geld”[1]). And that any organisations using cloud would have no control, thus no security, thus they would get locked in and bled dry, the same way as the likes of IBM did in the “big iron age” and we now see with Broadcom et al.

Well today that article is the first Trade MSM organisation to call the issue to “front and center”,

https://www.theregister.com/2025/09/10/jaguar_key_lessons/

Titled,

“Cybercrooks ripped the wheels off at Jaguar Land Rover. Here’s how not to get taken for a ride

The humour aspect is that “Jaguar Land Rover, is a very large and fairly famous motor vehicle manufacturer.

The subtitle however wraps the problem in a simple but pertinent question,

“Are you sure you know who has access to your systems?”

To which the answer for even US Government NatSec Agencies is “Apparently Not”… and which only got topical when the DOGiE mutts repeatedly crapped all over the carpet whilst wasting billions.

And worse much worse treasonously giving “big information” prizes to “agents of hostile foreign powers” in the East[2]…

All of which can be traced back to the GOP and neo-con mantras/stupidity.

The article after an extended salutatory introduction goes on to ask the next pertinent point as a “Wide swath scythe of Doom” style question,

“The lesson is clear. It’s not if an organization will be tested; it’s when. So, how can businesses across the UK be better prepared?”

The article goes on to make some of the points you will have heard hear before over the years… that most are difficult to impossible to achieve manageably or more importantly “cost effectively” unless the process of effective “segregation” is used. Because you have no control over the hidden things US Mega Corps tuck in their software.

And it’s realy going to get a lot, lot, worse soon with the perversion of,

“AI with everything”

That is rapidly building the most intrusive Surveillance System we can imagine… Think about why “client side scanning” which the added AI does by default gets around all security such as “End to End Encryption”(E2EE) other than that of “Hard Segregation”…

That is the only way to stop the massive security risk AI presents is,

To stop the in built AI,
1, Being controlled by others,
2, Reporting back data to others.

In short “Hard Segregation” with “carefully mandated and instrumented” “gap crossing”.

The problem is that whilst “Hard Segregation” is relatively easy with “Energy Gapping” technology. The necessary “Gap Crossing”, is in effect difficult to impossible at the carefully “mandated and instrumented” level without years of highly technical experience. Which as they say is “rarer than hens teeth”. Except with Ex-SigInt agency staff, such as those from Israel that have become highly highly suspect in more recent times as they “worm their way in”.

As I’ve indicated in the past having butted heads with them since the 1980’s, they can not be trusted and will betray or worse.

As I can see which way the Easterly wind is blowing[2] I’ve decided to get out of “engaging in the fight on the field of battle” whilst I’m still around to do so.

[1] Rudyard Kipling’s poem “Dane Geld” should be driven into every persons head from a very early age.

The “student notes” says of it,

“Rudyard Kipling’s “Dane-geld” is a forceful and didactic poem, functioning as a warning against the dangers of appeasement. The poem adopts a stern and cautionary tone, initially presenting the temptation to both extort and pay “Dane-geld” a historical term for protection money paid to Viking raiders. This tone shifts subtly towards a more urgent and resolute stance in the final stanza, advocating for resistance and unwavering principle over short-term convenience.”

https://www.poetryverse.com/rudyard-kipling-poems/danegeld/poem-analysis

Reading both the rest of the analysis and the poem it’s self is something that should “Be done in the West”. In part because of,

[2] Charles Dickens warning in chapter 6 of “Bleak House”,

“The wind’s in the east… I am always conscious of an uncomfortable sensation now and then when the wind is blowing in the east!”

Which is based on the Old English proverb for the guidance of all, not just fishermen,

“When the wind is in the east,
‘Tis neither good for man nor beast;
When the wind is in the north,
The skillful fisher goes not forth;
When the wind is in the south,
It blows the bait in the fishes’ mouth;
When the wind is in the west,
Then ’tis at the very best.”

And Sir Arthur Conan-Doyle likewise had a retired Sherlock Homes use the line similarly on Watson in the short story “His Last Bow”.

Clive Robinson • September 11, 2025 12:18 AM

@ not important, Bruce, ALL,

Where will we all go?

There are a number of opinions about what AI will do to workers.

This almost diametrically opposite view,

https://www.yahoo.com/news/articles/ai-expert-says-not-ai-145521588.html

Also appears in Yahoo, from which you got the view of Professor Baobao Zhang, of Syracuse University.

I’ve worked on and off with robotics and earlier generations of AI such as fuzzy logic and expert systems.

It helps to think of Robots as being,

1, Encased wheels cogs and leavers.

That ordinary folks see as magic or nightmare, not realising that trains, boats, planes are just that. As are lifts and many many other machines we take for granted such as computer printers, photocopy machines and those snack and coffee/Tea machines down in the work cafeteria. Even the “white goods” in our kitchens.

They all have,

2, The mechanics of 1 driven by motors and servos, that in turn are driven by power electronics.

Because it’s easy and these days very efficient (read up on “power trains” in EV’s compared to ICE vehicles it will surprise most).

But so far nothing is in anyway more intelligent than a bunch of switches, potentiometers, and passive indicators. So you then need,

3, Low power interfacing to the power electronics driven by specialised microcontrollers.

This is where the AI starts, that is where servo control loops get augmented above simple feedback systems. It’s an area where “Fuzzy Logic” does a lot of interesting things that humans likewise do but totally without thought.

For instance you walk by continuously “tipping over” into an unbalanced state. But you do it without “falling down/over”. In part by feedback from nerves, muscles, optics and that labyrinthine system in each ear. But also by modeling inertia as a “feed-forward” system that predicts what you have to do, and by how much, quite a while before you do it.

I’ve spent a lot of time doing this as it makes systems faster, more responsive, and quite a bit more efficient, but importantly safer (which having nearly had my brains knocked out by an industrial arm robot that jumped programming is kind of important to me).

Interestingly for many is that such safety systems are more complex versions of “intrinsically safe” and “fail safe” systems used on passenger and larger vehicles.

But at this point the microcontrollers of 3 do not actually do more than your autonomous systems do. That is you can get a robot arm to move a cup around by command, but the microcontroller does all the work to keep not just the cup level but speed up and slow down so the drink dies not get spilled. That is the command to the microcontroller moves the centrum if the cup, the microcontroller “knows about the cup dimensions” from other systems.

4, Warning systems that tell command systems when a command can not ve done.

This is a mix up of fuzzy logic and Expert Systems AI working together. But this is still in no way “intelligent” it just does things autonomously untill error correction is required. In a way it’s an automatic pilot that alerts when the environment changes so the higher level command system can make higher level choices.

Remember the pilot points the plane in the right direction, the navigator determines the actual flown course and direction the pilot takes. The navigator however is still not functioning as the executive who choses and sets the flight plan.

This “executive function” is kind of what the Current AI LLM and sometimes ML systems carry out.

And current AI LLM systems actually are not that good at unbound executive functions. The best I’ve heard is “mediocre”.

Now this is the interesting part few talk about.

“Between 1/3rd and 1/2 of jobs are or are a form of “makework” that serve little or no executive purpose.”

Back a half century ago we had a lot of jobs that we really rarely see these days. Such as stenographers, copy typists, dictation typists such as medical secretaries, desk clerks, computers and compucontrolers.

Their job functions are done by computer…

It’s these sorts of jobs where the humans are acting as the work flow cogs, wheels and leavers that are going to get replaced.

Oh and quite a few “Professions” such as accountants, solicitors, administrators.

Basically those that “know the rules”, “apply the rules”, and do “rules based processes”.

It’s easy to see how the accountancy and law professions will collapse.

It’s why LLMs can do “protein folding”, “drug prototyping” and much of the non artistic architecture. But they are neigh on useless for original reasoning, design etc.

The funny thing is surgeons will get replaced faster than plumbers and the AI surgeons will be actually safer than the current human ones…

The thing to watch out for is “originality” that is what will keep you “job safe”. It applies to “trade persons” currently simply because “every job is sufficiently unique/original” that Current AI LLM and ML systems do not have “training data” it can filch.

The fun thing is that some even mundane to human jobs will be beyond LLM and ML systems.

We talk about “logic and reasoning” but that is totally insufficient for what are to humans quite simple “feel it out” work…

We are “tuned to the environment adaptably” LLMs and MLs are currently “nothing even close”.

But… Who are going to be the “lucky worker” and who will be “80 hours of do nothing idlers”

History suggests that it’s an issue that will be gone in less than a generation.

That is freed up labour will simply evolve into new types of work, or working practices.

A Victorian plumber, does a very different job to a modern plumber. The industry behind plumbing has got rid of lead work, and copper work will be gone fairly soon.

We used to use copper for telephones, we are rapidly stopping doing that but fiberoptics and wireless have replaced copper in the ground.

These “in job changes” are easy to see when pointed out… The job remains but the technology and techniques change.

The only jobs that will go are the ones that are not really jobs but rules based professions that in reality are just processes. Because there is not really any new techniques to be learned that a rules based system can not do better.

What will happen is jobs will develop more interesting and exacting processes, entirely new jobs will come into existence and the dreded “P Word” of productivity will get thrown around by certain types trying to remain relevant, where they are not even today.

Oh and as for managers and CxO’s and business executives, to misquote a phrase,

“They don’t realise it but they will be the first going up against the wall they think they are building for others.”

And they will have done it to themselves… How dumb is that?

The thing is we’ve seen them do it to themselves before with “Business Consultants” that are the true vampires at the Big 4 accountancy firms.

Clive Robinson • September 11, 2025 1:50 AM

@ lurker,

With regards,

“I learned at an early age something that always puzzled me:”

Ahh… To put your mind at rest it’s a “clock face problem”.

Back when the phrase,

“The East wind doth blow,
and we shall have snow.”

Was thought up, “The East wind” ment the opposite of what it did later.

You can see it also with,

“When the wind is in the east,
‘Tis neither good for man nor beast;”

Ask yourself what does,

1, The East wind
2, When the wind is in the east

Actually mean?

That is,

1, Comming from the East
2, Blowing to the East

It actually ment both…

On land where you were fixed it ment the wind was comming from a place East of you.

So in London a wind from the East would be from Moscow (hence the book title) but the arrow of the wind vane would “point into the wind” towards Moscow thus points to the East

Thus you would “look into the wind” as it hit you in the face.

But if you are in a sail boat it was the other way around that is the wind from the East moved you in an Westerly direction.

You “went with the wind” and “the wind was at your back” not your direction of travel.

In the UK the predominate wind direction is from the South West, so in off the warm atlantic upto the North East of the cold North Sea and the Continent of Europe.

Which is why Britain and the UK has a “maritime climate” which is wet and cool/warm. Not as most of Europe does a “continental climate” which is dry and cold/hot.

Over time wind vanes and sail boats disappeared and about a century and a half ago science went from “local weather” to “global weather” so they picked as always for political reasons to say which way the wind was… And we’ve all been confused ever since…

The rule is – it’s named from the direction of origin. So that wind from Moscow is from the east or easterly… However due to sailing the exceptions on naming conventions are… Onshore winds blow onto the shore from the water, and Offshore winds blow off the shore to the water.

So yeah we got that sorted…

Clive Robinson • September 12, 2025 10:46 PM

@ ResearcherZero, ALL,

With regards Peter Thiel and his idea to setup what would be the,

“Biggest Private Surveillance Company in the World”

That is named after the “Seven Seeing-stones or “Palantir” from the Tolkin books including the “Lord of The Rings”(LoTR). The stones were in effect spying devices that could see and communicate anywhere in the present, recall anything from the past and see into the future. Peter’s idea was to build a massive spying database to rival that of the NSA and CIA and to use predictive technology to do the “see into the future” bit. Originally this was supposedly by statistical methods but “Surprise” is now claimed to be specialised thus advanced AI…

I’ve said a few things over the years about Peter Thiel’s Palantirs “apparent MO” and none of it’s been good. Remember they were tangled up in some way with Cambridge Analytica and Facebook activities / revelations that had been set up by and still had close ties to the US GOP via the Mercers hedge fund and funneling pay offs through Russia was the least of their highly questionable and illegal activities. The Mercers were alleged to have funded Boris’s Brexit plans as well as have the Cambridge Analytica investigation / enquiry by the UK Met Police not just interfered with, but killed off by Boris’s successor who had for many years been the UK Home Office Minister and as such it was said had “fingers in all the pies”.

Unfortunately much of it has been tried to be kept hidden by Peter and Co. Including a rather nasty “Drug dealer like” business plan.

Thus it is hard to directly determine if this “£330m contract with the NHS” is part of, or a follow on of, the C19 era revealed deal where Boris Johnson handed over the entire “Medical Records” of UK Citizens to Peter Thiel for £1 in return for some very basic “tracking” of UK Citizens without their permission[1]. Recent events that have “happened to me” indicate that the the records Palantair have are not just being actively updated, but widely handed out to people who should have no right of access to them.

This data trove on UK citizens was originally set up by Tony Blair UK “Prime Minister”(PM) to replace the existing creaking and failing NHS Records system based mainly on paper. The “big sell” was that it would all become electronic and automated to “follow the patient” were ever they went.

Part of it was a new encryption system from the public face GCHQ, CSEG rumoured to be called “Rambutan” (a fruit that is prickly on the outside but soft and yielding inside)[2].

Thus the publicised idea was that if you lived in say “Lands End” at the south toe of England and had an accident at “John O’Groats” campsite at the north tip of Scotland then your entire “patient record” not just your “Medical Records” would “auto-magically” become available to any and all NHS “front line staff” (and as we found out later just about any one including Banks and Insurance companies).

It was detailed as something that was an important part of something called “The NHS Spine” and advertised to the UK and others as the “Worlds biggest IT Project”. It got some fairly pointed criticism not just from Experienced ICT Practitioners, but Trade Press/journals and Academics from the likes of Cambridge with Prof Ross J. Anderson being a fairly public critic who told people how not to have their records added. Thus political blow back followed and “Citizen Opt-Out” was fairly quickly removed.

It was thus unsurprisingly an abject failure by just about any business or reasonable company performance measure. Worse it was a complete “Security Nightmare / failure” and “The D-Word” was frequently heard.

But it got all those UK citizens records and intimate secrets into others hands especially Peter Theil’s and his Global Surveillance system…

Thus that £1 is now £300 million and likely to be one of successive “no bid” contracts for hundreds of millions if nor billions. So the “Drug Dealer” business plan is obviously paying off for Peter…

[1] The use of C-19 Lockdown “emergency” was used by Boris Johnson UK Prime Minister to “gain & use” the dictatorial powers he had in practice usurped in the crisis to give all that data for supposedly £1 to Palantir in return for a “back end” to a tracking system contract “Handed out by Boris to his mates”… That suprise suprise cost the country a fortune and never delivered a thing… Except for UK Medical Records to Palantir and Peter Thiel

[2] I heard interesting information on the Rambutan system back in the 1990’s when Baltimore Technologies who provided “telecom infrastructure” to the UK were setting up offices in –the sinking– “Tolworth Towers” next to the major arterial road “the A3”. Once known as the “Portsmouth Road” that was the main communication from the English Admiralty in Whitehall to the Navy Docs and administration in Portsmouth, and as such had been the site of the first “semaphore system” for Government “secret” communications.

The main idea behind Rambutan was that it was “The UK Clipper Chip” for a Capstone like system deceloped by RACAL a known supplier of Crypto and Radio systems for high level crypto to the UK Government.

Even today little is known about Rambutan and it’s always been assumed it was a “Stream Cipher” made to look like a “block Cipher”. But like the similar ETSI ciphers used in GSM and DMR systems for “consumer/commercial privacy” that we’ve heard so much bad about in the past few years due to “built in backdoors” there has been a hard clamp down on Rambutan information. But by the idea of “from the same stable” and “Birds of a feather” it’s been assumed it almost certainly has “back doors built in” as “the best thing about a bad idea is ‘Reuse is King'”.