A Cyberattack Was Part of the US Assault on Venezuela

We don’t have many details:

President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan President Nicolás Maduro.

If true, it would mark one of the most public uses of U.S. cyber power against another nation in recent memory. These operations are typically highly classified, and the U.S. is considered one of the most advanced nations in cyberspace operations globally.

Posted on January 6, 2026 at 11:08 AM • 12 Comments

Comments

someone who knows a thing or two January 6, 2026 5:09 PM

mark, your comment isn’t valid. Natanz computers weren’t online (Stuxnet).
Being online or offline isn’t valid any more. If you are determined,
anything can be hacked.

Clive Robinson here often tells that his computers are offline and secure.
I’m more than sure that considering his history and background, British
GCHQ has long ago backdoored his computers while he was in hospital.
And how do you exfiltrate data? Blink a keyboard LED and record that via a
window, just one example for you.

r2square January 6, 2026 5:39 PM

It also seems comms were jammed during the kidnap operation. Heard some people mentioning the use of [1] Boeing EA-18G Growler. I’ve never heard about these beasts. One of the jamming pods is the [2] ALQ-99 capable of jamming 64 MHz up to 20 GHz. This makes me wonder if the best way to “resist” such attacks is diving deep into the shortwave spectrum. I guess it’s more difficult to jam that part of the spectrum due to the wavelength and thus the big antenna requirements.

[1] https://en.wikipedia.org/wiki/Boeing_EA-18G_Growler
[2] https://en.wikipedia.org/wiki/AN/ALQ-99

Clive Robinson January 6, 2026 7:05 PM

@ Bruce,

With regards,

“We don’t have many details:”

No, and we don’t have any clues as such either.

Thus the OrangeUn’s comments could as I said over on the Squid page be “something or nothing” and “It all depends on if what was going on can be “tracked back” etc.”,

https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-squid-found-in-light-fixture.html/#comment-451121

To save people following that link 😉

News: There Were BGP Anomalies During The Venezuela Blackout

“When watching the situation in Venezuela unfold, the phrase “It was dark, the lights of Caracas were largely turned off due to a certain expertise that we have” caught my attention

BGP is the first thing that comes to mind. It’s a protocol used by routers to determine what path data takes to get to its destination, it does this by exchanging routing information between Autonomous Systems. It is also notoriously insecure and much of the data about BGP is collected in public datasets.”

https://loworbitsecurity.com/radar/radar16/

However BGP anomalies have been logged in public data bases (unavoidable when playing with BGP not only because of the way it works, but also the way it is used).

Have a read of the Low Orbit article and make your own mind up.

But consider the thought,

“It is odd this security incident has not been highlighted more generally…”

Clive Robinson January 6, 2026 7:23 PM

@ Analyst, ALL,

With regards the substack article you link to,

“THE MEDVEDEV COROLLARY

How 150 Minutes Over Caracas Rewrote the Physics of Global Power and Triggered the Second Nuclear Age”

Over on the current squid page you will find a chat between @ResearcherZero and myself over the “Doomsday Clock” annual comment,

https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-squid-found-in-light-fixture.html/#comment-451117

You will find the comments we made to be sufficiently similar in result but different in focus.

Clive Robinson January 6, 2026 9:20 PM

@ someone who knows a thing or two,

With regards,

“I’m more than sure that considering his history and background, British GCHQ has long ago backdoored his computers while he was in hospital.”

You are maybe not considering my “history and background” well enough 😉

There are reasons I use pre-1995 computers, and old OS’s and quite a few other things that people find odd or do not understand.

With regards,

“And how you exfiltrate a data? Blink a keyboard LED and record that via a window, just one example to you.”

You will find I’ve written about this in a couple of posts quite some time back to @figureitout back at the time of BadBIOS. He was actually quite shocked when I told him an LED was a bidirectional transducer and could with the right bias be used as a photo diode (worse as with DC Motors and Back EMF accurately giving speed information… By using a “jittered edge square wave” you could get the LED to do both jobs at the same time using just one pin on a microcontroller, it’s one of the reasons I like BPSK as Manchester Encoding).

Also I’ve described here a couple of times how to make not just a permanent overt home “SCIF” but a temporary covert “SCIF” as well.

But as you allude to by your handle I also am “someone who knows a thing or two” but what’s the old saying,

“A true gentleman does not SCIF and tell” 😉

Search this blog for “energy gap” and why I know nearly all Commercial “Data Diodes” Pumps and Sluices don’t “gap” with any kind of real security, physical or informational[1].

I’ve been doing “gap crossing” for years and both Passive and Active “fault injection” since before Smart Cards of the 1980’s along with designing surveillance equipment as well.

Yes there is a lot I don’t know, but in general that’s about actual instance implementations, not the classes of attacks / vulnerabilities they are actually in. Which I know via their fundamental “laws of nature” characteristics. It’s why I say occasionally,

“If the laws of nature allow”.

Or as Sir Arthur Conan Doyle put it in part of his maxim[2]

“How often have I said to you that when you eliminated the impossible, what ever remains, however improbable, must be the truth.”

Use it as a filter to assess both yours and others thinking and reasoning.

[1] Sorry folks but if your ICT-Sec relies on assumptions about those devices even those with GCHQ’s “Communications Electronics Security Group”(CESG) and post 2016 “National Cyber Security Centre”(NCSC) nods and approvals you are probably owned already.

[2] It’s known that the fictional Sherlock Holmes was very much based on a real person of Scottish descent acquainted to Conan Doyle. However a more well known and quite real “The Holmes of Lyon” Dr. Edmond Locard, came up with an evidentiary touch stone “Locard’s exchange principle”,

https://en.wikipedia.org/wiki/Locard's_exchange_principle

Which whilst it was based on physical “tangible objects” also works on a lot of informational “intangible objects” like encrypted and encoded information. Where “Methods and Sources” leave their usage fingerprints. Look on it as a much broader form of “Traffic Analysis”. Which is why in other places I sometimes say,

“Where the laws of nature and statistical mechanics allow”

(Here I tend to use “brownian motion” as an analogue as most who have done the first year of High School Science should be sufficiently acquainted with it).

lurker January 6, 2026 11:33 PM

@Analyst, ALL
re Medvedev ultimatum

The implications for Taiwan, for Iran, for any nation that might find itself in American crosshairs, are profound.

Umm, I know I’m a bit slow, but is the writer assuming an American pre-emptive strike on Taiwan to get the target before PRC? We live in interesting times . . .

Clive Robinson January 7, 2026 5:37 AM

@ lurker, ALL,

The “Medvedev ultimatum” or position is that conventional defense spending is in effect useless against the threat the US 5th Gen systems represent.

Thus logically the only states that can now remain safely sovereign are those with a credible nuclear deterrent and long range delivery system(s) to any and all parts of the continental United States and territories it chooses to place its forces on…

Hence as I’ve noted in the past about North Korea being the actual “Rational Actor” in its defence against the USA is to have a “Keep off the lawn” notice writ large for the US voters to see in the form of proven nuclear weapons and delivery mechanism that the US politicians and those of US allies will have to respect.

This does not require an arsenal of such weapons only those that will credibly destroy things like US Carrier groups and military bases from which the 5th Gen systems can be launched and sustained in flight etc.

This includes nuclear based weapons to destroy not just current carrier groups but the non stealth surveillance, in flight refueling, and “Airborne Warning and Control Systems”(AWACS).

Which is why North Korea having observed how the US pulled out “top table” chairs to both India and Pakistan pushed forward its defence systems by first developing capable delivery systems, then the banned nuclear enrichment and weapons.

A look at what happened was that at every credible moment the US could have halted North Korea by talks and trade etc agreements were reached the US congress instantly broke them so the North Koreans just carried on…

This is what Medvedev has in effect given voice to. That is to keep a psychotic belligerent like the US in check is to stop its capability to carry out its policy of the last 75-80 years of “Bomb them back to the stone ages”.

It appears that the only time the US politicians actually acted rationally towards North Korea was during the Korean war when the in theater commander being repeatedly defeated “on the ground” in conventional warfare requested the use of nuclear devices to attack civilian areas like cities and completely destroy them. The US politicians fearing kick back from their home voters said “NO”.

So the US in its next “bomb them back” attempt in Vietnam had developed other “Weapons of Mass Destruction”(WMD) in the form of chemical and some biological weapons where they found that attacking the nations food supply would be in effect acceptable to the US voters as they would be blind to it. However civilian on the ground in theater reporting putting US loved ones in body bags every night on TV News at “tea time” was pushing the voters away. Then the now famous picture of a child having had her clothes napalmed off of her body and now badly burnt running for her life on the front of a national magazine was what “killed the war” even for the most staunch of US Conservatives. It’s where the US politicos learned “think of the children” was a good way to manipulate their own population, but they’ve so over played it the US voter is more and more “seeing through it”.

After the chemical and bio WMD use in Vietnam failed, the US tried things in reverse so we had the times of attacking civilian infrastructure the most notable being the encouragement of aircraft hijacking as a new proxy war system that would keep US loved ones out of body bags but feeling afraid to fly etc.

The rational defence against that was to play the game better and also attack visible US Civilian Technology (which incidentally is why 9/11 happened). Which was to do in effect what Japan and later South Korea did which was by trade destroy US manufacturing base. Something that China and Europe then continued to do.

At each step of the way US politicians behaved not just in the short term but much worse in the long term totally irrationally and against their own interests…

The result “to save a buck” US Corporates willingly committed “Seppuku” without thought or honour they “outsourced and off shored”. The result the US now has no manufacturing of any worth outside of the defence industry –and that’s mostly a “fill yer boots” boondoggle–, no jobs, and sociopaths running the financial sector and walnut corridors… As Cory Doctorow pointed out in his 39C3 talk AI is happening “because your boss hates you” and knows in his heart that you not he is what keeps the company going and shareholders happy. It’s also why the fight against Unions has caused so much harm and death and why The World Economic Forum wants personal ownership of real assets outlawed for ordinary citizens so people are forced into the “rights stripping” of “rent seeking” by them. The “You will own nothing and be happy” is two part, the first is what “Rent Seeking” is about and the second well that is to do with what is a form of “Cult Behaviour” or cultural “brain washing” through very early education is all about…

As I explained the other day building up the US Defence Industry is why the current POTUS is in effect encouraging Putin in his aims to destabilise Europe. And so get Europe doubling or tripling defence spending into the US because 7th Gen weapons systems do not come cheap.

But to maintain “control” the US is also desperately trying to do the equivalent of historical “water wars” against the world by controlling world Energy supply through oil, coal and nuclear resources. Hence “The War on Green Solutions”. But “The War on Europe” by destabilising the Middle East and causing humanitarian crisis after crisis and wave after wave of refugees into Europe has not worked as intended because of Russia acting in a less Covert way toward Europe.

To see this look at Germany it was over ten years behind on its “Green Energy” plans and heading into economic stagnation. Russian energy stopped, and within a couple of years Germany is now ten years ahead of its “Green Energy” plans and also organising European Defence manufacturing cutting out much of US defense spending from Europe. Which is exactly the opposite of what the US wanted to happen. Other EU nations are heading that way with France being the nail that sticks up causing issue after issue in the EU, when Hungarian leader and “Putin’s man Orban” is not doing the same via the “one vote dissent” problem the EU has.

I suspect the UK will receive an offer it “can not” nor “will not” refuse from Europe after the EU gets France under Control and Orban neutered. As the UK and France are the only two currently Nuclear Capable nations they are as Medvedev has indirectly pointed out in effect the only sovereign powers in the whole of Europe capable of deterring the US plans. France will quite happily strike back against the US both covertly and overtly because in many ways they are “oh so similar”. The UK however traditionally hung onto the US coat-tails but the US made the mistake of not reciprocating after Brexit… Which was as bad a move as the years of making mistakes around the South China Seas…

As I’ve pointed out Taiwan was the original “China Knock Off” not “Mainland China” they realised that the way to keep the US “on side” and Mainland China out, was with developing superior technology production the US is utterly reliant on. So the South China Sea nations rapidly ended up controlling the world supply of advanced semiconductors using European technology to do it. From the US perspective they have to be protected until the US can get the advanced chip generation it needs to develop. Hence the Chips Act and other “bull in a China Shop” incentives. Politically Taiwan does not in any way want TSMC making advanced chips in the US because of the US War Act. So they are playing for time by building up US infrastructure slowly to keep tariffs down and stop others getting in their game. But will they deliver, I suspect not, it’s not the building or machines that make TSMC what it is.

The trick is stopping what the US MIC needs for 7th Gen Weapons and production, at which point the US will if it has not culled certain conservatives do something stupid like start another phase of “War on the World”.

Oh as I noted the other day the US has started in on its new “War on XXX” in this case the reason for 7th Gen weapons “drones”. This time it’s not “think of the children” but faux National Security arguments.

I could provide more argument, but that causes an automod issue with having to provide links for “citations” the above arguments I know from the past you can and will find for yourself as well as counter arguments if you feel they need talking through as will certain others. So the Squid threads might get interesting again 😉

mark January 7, 2026 11:56 AM

To someone who claims to know a thing or two… no, you don’t. In the US, and elsewhere, I’ve seen reports of the electrical grid, water, etc, online, so it’s “convenient” for employees to deal with issues off-hours.

Ah, perfect example: a few years ago, some stupid 16 yr old was tried and convicted in the UK for cracking into the rail system, throwing switches, and causing an accident, with injuries (there may have been a death involved).

Rontea January 7, 2026 1:06 PM

This fascination with the idea of a single, all-powerful button—press it and your enemies disappear—is a recurring fantasy in the world of cyber and physical security. It’s rooted in a desire for absolute control and simplicity in an inherently complex system. Real-world operations, like disabling power grids or launching cyberattacks, are anything but push-button affairs; they require layers of planning, intelligence, and risk assessment. The danger is that the belief in an easy kill-switch encourages reckless thinking, normalizes disproportionate responses, and erodes the important safeguards that prevent catastrophic mistakes. Security is never that simple, and imagining otherwise is an invitation to disaster.

someone who knows a thing or two January 7, 2026 1:20 PM

mark,

Why don’t you read what others write?
We are not talking about “script kiddies”, we are talking about state sponsored attacks.
There it’s already irrelevant whether your SCADA is online or offline. A determined attacker reaches his goal; a “gap”, air or energy or whatever, doesn’t help you.

I was personally helping to resolve the “Industroyer” incident in Ukraine. In the real world, not in science fiction as you write.
