Schneier on Security

Clive Robinson • January 10, 2026 2:23 AM

@ Q,

Hmm,

“… then the next level must be UNREAL-ID”

When you step down the Unreal path, your virtual existence will have a less than Epic doom…

Somebody I know got herself hooked on the game back in the 90’s (yes it started a long time ago) and was an avid competitor. But Epic Games killed the servers off and it kind of stopped a couple of years back and left her and so many more without the competitive rush in their lives.

I never could get into video games, due to having been involved with the design of simulators for the military who could buy displays that were more than I earned…

Clive Robinson • January 10, 2026 12:33 PM

@ Alex, ALL,

BGP and Venezuela incursion

The W questions of “Who, Why, When, What, Where, etc” of the Internet during the time period of the US unlawful incursion into the Sovereign Nation of Venezuela to remove the Head Of State is still being contested.

So your question of,

“Is it likely that whatever the government did in Venezuela with BGP has been burned as a useful method?”

May be the wrong one because it may be coincidence rather than correlation. That is there may not have been US or any other government “cause of the effect” seen in BGP logs.

Further even if it was “cause” for it being “burned” depends on how “general” it is. If it was cause and it was also very highly specific to Venezuelan infrastructure, then it may be of no further use except against Venezuela, and it may have a simple mitigation in Venezuela, to in effect have made it a “One Time Attack Vector”(OTAV).

That said BGP is very “open” and “public” almost everything that “causes” even the slightest of changes gets “broadcast” and is often directly attributable down to the person who’s fingers “did the deed” because it all gets multiply and independently logged automatically. Likewise the “effects” get similarly logged and statistical analyse possible is consequently very high.

That said… It’s known that the NSA tries wherever possible to stay out of a targets systems. It does this by subverting Internet routers and similar just upstream of the target, so that,

1, The target sees no intrusion
2, Few others see the traffic between the subverted router and target.

So it is possible that the messages to a BGP instance may not be logged elsewhere. Thus the “actual attack” may not have been seen. However it’s harder hiding the “effects” even if full control of upstream routers is held by the NSA. So the attack “type” or “class” may still be inferred from the “effects”, though the actual “instance” method may not be.

Which brings us onto your point of,

“I imagine lots of people are trying hard to figure out what was done and how”

Yes and no, there is a saying about not running a fools errand. If the early perception is “coincidence not cause” then the answer is quickly going to be people stop running to look for what they think will not be there to find.

It’s why few people find valuables on the ground, because they have no expectation of finding anything so don’t look thus “never see”[1].

Which brings us onto your,

“[I]f that gets published, routers will end up getting hardened so it can’t be done again.”

This depends very much on,

1, If the look
2, If they publish
3, If it’s seen

The US has some laws about “treasonous behaviours” as well as DMCA 1201 and it’s often been suggested that Western AV companies are “held back” by them…

The UK has three direct pieces of legislation,

1, The “Defence of the Realm Act”(DORA)
2, The two “Official Secrets Acts”(OSA)

And more recently other electronic systems acts following on from,

3, The “Computer Misuse Act”(CMA).
4, The “Regulation of Investigatory Powers Act”(RIPA).

And most recently,

5, The “Online Safety Act”(OSA).

And various provisions within,

6, The “Fraud Error And Recovery”(FEAR) act.

Can be suitably “mis-used” as can the harassment legislations.

It’s the real problem with “Responsible Disclosure” in that you are in effect,

“Required to ‘tell before you yell'”

(See Section 1 subsection 2 of the Fraud Act 2006[2] specifically types of fraud B and similarly C).

Which allows such draconian legislation to be used to arrest and detain / coerce before you can publish.

[1] I do look but not in expectation of finding anything, but because in my “advancing years” I trip very easily and can not recover my balance easily… Thus hitting the ground unprepared through not looking has a high probability ={ Experience tells me it often hurts, and as I’m not especially fond of pain I look… However I am quite fond of valuables and I’ve found a fair few per walked mile in my time 😀

[2] The UK Fraud Act 2006 Section 1, subsection 2, outlines the different ways a person can commit fraud, which include: (a) fraud by false representation, (b) fraud by failing to disclose information, and (c) fraud by abuse of position.

Clive Robinson • January 10, 2026 3:46 PM

@ Bruce, ALL,

Self repairing QC good or bad?

Yes a little clickbaity but it’s actually an honest question.

Quantun Computing has in effect been stalled for the past decade or so because of reliability issues that mean things get very complicated and the number of Qbits required goes up by some power law that “ain’t small”.

Well to step in the forward direction requires some changes in the ways things are done.

Thus this can be seen as good news or bad news depending on your point of view,

Scientists build a quantum computer that can repair itself using recycled atoms

“Like their conventional counterparts, quantum computers can also break down. They can sometimes lose the atoms they manipulate to function, which can stop calculations dead in their tracks. But scientists at the US-based firm Atom Computing have demonstrated a solution that allows a quantum computer to repair itself while it’s still running.“

https://phys.org/news/2025-12-scientists-quantum-recycled-atoms.html

Thus upping reliability and in turn availability.

So is this a good thing or not?

Well it depends on your view point. As some have pointed out QC does not have sufficient applications to justify the cost. So reducing cost makes the number of applications that might benefit from QC go up, thus increasing demand and in turn bringing the costs down further in a decreasing spiral.

However the most likely application for QC is reducing the time it takes to break certain types of encryption. As Post QC Crypto algorithms are still a subject of debate it’s generally felt that in Cryptographic circles QC is “bad news” especially where RSA and other PubKey crypto used for “key establishment” is concerned. Which is perhaps the most important thing in the Modern Western World where just about all usage of electronic communications for business activities of any form now reside.

To understand the gravity of this consider what happens when the Internet is lost for even a very short time. Virtually all economic activity and supply chains in the areas where it is “out” come to a halt. Whilst there are work arounds that can be established –ie do it the old fashioned way– they are limited in range, slow, and in comparison inordinately expensive.

Currently Iran for various reasons not precisely known but “assumed” is suffering distinct signs of economic chaos/collapse because the Internet there has been brought to a halt for by far the majority. Flipping the nation from what some would consider 2nd world status very definitely into 3rd World status…

Just remember 1st world status now depends very heavily not just on eCommerce but eFinance for payment and banking, especially with “cash” being not exactly something most people have a lot of if any in their pockets…

So where do others feel they stand on bringing QC closer to useful?

Clive Robinson • January 10, 2026 4:30 PM

@ Bruce, ALL,

This is “hot in” as I just got notified about it. But a quick read shows that people still don’t Grok security or the history of security,

Danish chemist’s invention could make counterfeiting a thing of the past

“Every year, companies lose revenue when goods are copied or illegally resold. Now, a new digital and legally binding fingerprint developed at the University of Copenhagen makes products impossible to counterfeit.

…

Thomas Just Sørensen, a chemist at the University of Copenhagen, has invented a unique solution to combat this problem. Together with Danish entrepreneurs and investors, he has developed the O−KEY technology—a kind of digital fingerprint that makes any physical product impossible to counterfeit.“

https://techxplore.com/news/2026-01-danish-chemist-counterfeiting.html

This idea is actually not new just decades old.

Originally it was developed to be used for putting unforgeable identifiers on weapons of mass destruction and their delivery system.

It basically consisted of short lengths of “choped strand fiber glass” randomly mixed into clear epoxy and just painted into a fixed square over the serial number. A “stereo photograph” was then taken and stored away.

A variation was the use of threads in hand woven cloth used in rare and very valuable religious books, discussed on this blog years ago.

So this “new” system uses coloured grains of sand, it’s not any different really.

Oh and the system developed for weapons is nolonger used because… It might be unforgeable on the “tangible physical object” but it is all to easily forgeable as an “intangible information object” in the electronic “verification” communications back haul by simple substitution…

And there is, as of yet, no way to fix this problem…

Clive Robinson • January 11, 2026 6:04 AM

@ old_regular,

Thanks for the info on the Nitter replacement (I wonder how long it’s going to last)

Nice to hear from you hopefully you will drop by a little more often as the Tech-Talk was not the only thing that made this blog what it once was before well N’uff said

Keep well, and stay out of any “chill winds from the Eastern”.

Clive Robinson • January 11, 2026 11:04 AM

@ Bruce, ALL,

And so the AI conflict becomes more than a data arms race as call to arms is launched

AI industry insiders launch site to poison the data that feeds them

“Alarmed by what companies are building with artificial intelligence models, a handful of industry insiders are calling for those opposed to the current state of affairs to undertake a mass data poisoning effort to undermine the technology.

Their initiative, dubbed Poison Fountain, asks website operators to add links to their websites that feed AI crawlers poisoned training data. It’s been up and running for about a week.“

https://www.theregister.com/2026/01/11/industry_insiders_seek_to_poison/

This could get quite nasty not just between the AI companies and insiders, bad data can actually poison and harm individuals.

Think of “glue on pizza” and jokes about “US Executive advice on the use of bleach” have already done…

As I’ve noted before “Hoovering up input data” is very much not the way to go as it has so many ways to fail, it’s hard to see how hoovering the Internet can do much else but fail with harm.

Back in the 1980’s AI had “Expert Systems” and they had similar issues even though carefully constructed.

The fact is input data for training has to be very carefully collated and be consistent otherwise chaos will happen.

IF and only IF input data is carefully selected, collated, ordered and verified can Current AI LLM and ML Systems become “safe”.

And as has been demonstrated and proven “AI Input poisoning” will always not just possible but probable in a competitive or conflicted environment.

I can see “rocky times ahead” for AI orgs as the harder they grip the more they enshitify their own products, way way way beyond any practical use or potential redemption.

Clive Robinson • January 12, 2026 4:47 AM

@ ALL,

This is one persons view of the next couple of years,

The Next Two Years of Software Engineering

“The software industry sits at a strange inflection point. AI coding has evolved from autocomplete on steroids to agents that can autonomously execute development tasks. The economic boom that fueled tech’s hiring spree has given way to an efficiency mandate: companies now often favor profitability over growth, experienced hires over fresh graduates, and smaller teams armed with better tools.“

https://addyosmani.com/blog/next-two-years/

Some of it I agree with and some of it not.

The author is more optimistic than I am that management will think long term for “the business”… Whilst my view based on observations for longer than this blog has existed is that US style neo-con management will think short term for “shareholder attraction” and quarter to quarter “stock price”.

Also as Cory Doctorow put’s it “Your boss hates you” because senior managers know deep down that whilst they are effectively not important to the business functioning you as a worker are in effect essential.

Thus they are the “face hugging parasites” or “vampires” that would be in eternal fear if they were not so sociopathic. Thus they want to get rid of you hence “out sourcing” and “off shoring” has this century been their way to “not employ people” but just “shuffle contracts” as profitably as possible by “externalising” not just risk but just about everything.

However there is an issue, such behaviour actually makes little actual profit, and negotiations with suppliers makes response to customers slow. Thus the solution chosen though mostly unlawful is “form monopolies or cartels” to exclude competition.

We’ve seen this in Mobile Phone Service Providers that are in effect ICT run Finance operations, that have “Radio Spectrum Licences”. Similar to banks that have “Banking licences”. The Licences give them the monopoly or cartel.

This is the way that businesses in the US and West are increasingly going this century so far…

Thus the trick is get your own monopoly or cartel “licence” such as patents, copyright, trademarks, and other IP with legal force.

For the next few years AI is going to be disruptive weapon in this untill regulation, legislation and case law catch up. Then for a while there will be a new stability for a decade or two.

But what will also happen is Current AI LLM&ML systems will have to change for the better, a lot better.

For somethings they are already the best we’ve got where they have clear limited rules, reliable data, and specific function. We’ve seen this with protien folding, and we will see it with similar.

Where these current systems will fail is trying to be all things to all men. We can not do it as humans so how the heck do we expect to do it with deterministic machines and a random generator fuzzing things?

It should be obvious but apparently not that “going big” or “scaling up” is not going to change that, but it will hit the CapEx hard, very hard with no real change in ability.

Thus current AI is destined to become tools for specific jobs, and their success will depend on the ability to have “exemplary training data” and highly bound / constrained rule sets.

That is they will become increasingly like “Expert Systems” of the 1980’s but with a better interface and “shaped fuzzing”.

Knowing this you can hopefully make your own prediction on where things are going and how you can best fit in, as the “Money Merry-go-round” slows and in effect implodes.

Clive Robinson • January 12, 2026 8:45 AM

@ ResearcherZero, Winter,

With regards,

“Binary choices may exclude other lines of inquiry which deepen understanding. This can lead to the unfamiliar being entirely dismissed. Categorizing people into groups that can be ridiculed and attacked to advance one’s own cause. Dismissing and singling out others with little thought. Oversimplification that becomes a way of thought and view of the world.”

This behaviour is quite deliberate and has been for quite some time. Some suggest it was clearly the case before the 1812 attack the result of which was Canada became an entirely separate nation.

Further the policy of the US “State Dept” appears to follow Kippling’s entreaty to “pick up the white mans burden” into the likes of the Monroe Doctrine, and still using the “1984 Play Book” that George Orwell wrote and was published just after WWII.

(As for “Animal Farm” there is a strong porcine feel to US Political members).

Clive Robinson • January 12, 2026 4:02 PM

@ Jeff, lurker, ALL,

As @lurker indirectly notes I have a saying,

“Paper, paper never data”

Which is more about keeping unknown to the data owner (1st party) “meta-data” leaking to an assumed adversary (2nd or more parties)[1]. Than it is about longevity of data preservation.

But if correctly stored and curated paper can last way longer than you or your estate will care about. Thus only some things like “historical records” and long term legal agreements / findings such as property ownership and leases etc.

The problem is that whilst paper can be very robust what is put upon it can have a very short life[2].

Which is why “film stock” solutions are better and usually good for upto a half century or longer under environmentally controlled conditions such as removing oxygen, moisture, greases and other chemicals before freezing the film stock below minus 20 centigrade in a light and radiation proof environment (bottom of a salt mine well within the arctic has been considered by some European Nations).

The point is that,

“Entropy is natures way to reduce every thing to randomness of thermal background.”

Every thing thus has a “half life” exponential curve to “data doom”.

So all data storage requires three things from before storage,

1, Active entropy protection.
2, Strong Error correction.
3, Strong integrity methods.

Most “memory sticks” don’t have these things at the user available data levels and their entropy half life is measured in days/weeks not years in even mildly adverse conditions.

CDs/DVD’s were originally supposed to last 50 years or more, but that was for “pressed disks” with very strong error correction. Not for “writable” devices where it can be just a year or two…

Magnetic media decays in two ways, the poles merge and spread out spooled tape has the same issue but goes through the tape to adjacent tape segments. If you have an audio cassette tape that’s not been used in a decade you can hear a “ghost delay” on playback.

Punched Paper Tape, has a very low data density at just about 6 bytes/inch, but I’ve work I created back in the very early 1970’s that still are readable, not just by an optical reader but the human eye as well. The Punch tapes I have are stored in old tobacco tins on a shelf. They have become dried out and fragile as the tape was not “acid free” but at getting on for nearly 6 decades completed, it’s way better than cassette tapes from the late 70’s / early 80’s of “Home computing”.

Thus the most important part is not “how you store data” that’s doomed to entropy, but an ongoing process of regeneration that resets effects of entropy whilst it is still well within what error correction can do for you.

There are two basic types of error correction,

1, Forward Error Correction (FEC)
2, Code based Error Correction

FEC is simply repeating the data several times and using “voting techniques” to produce a correct result.

Code based EC is to complex to go over look up Hamming distance and Reed-Solomon to see why.

Both should be used, that is Code Based inside FEC.

But… It’s not a 100% guarantee, so data should ve stored in simple human readable “plaintext” that is always visible.

Sorry I can not recommend any existing “off the shelf” solutions because they nearly all go for “high data density” thus fail the very basic foundational requirements of longevity…

Oh and don’t forget surviving adverse environment conditions. As somebody only half joked you need to carve in stone fill with molten gold and seal in a concrete block wrapped in high density plastic at the bottom of a salt mine…

[1] Basically the process puts a “firewall” to meta-data in the hand over process. By removing any “file format” and even “file system” or other “meta-data”.

As such the process is not illegal or prohibited. Though I suspect with the AI -v- IP / copyright holder wars legislation may soon have to be made to avoid “cock-eyed” case law happening and the scope will be overly broad as is all to common these days.

That said unless carried out in certain “policy” procedural ways it will become the first part of establishing “guilt” that is “intent or premeditation” to “commit XXX” via the notion of “a guilty mind” (mens rae) without which a criminal conviction is not possible in many jurisdictions.

[2] laser printer toner is a form of fine plastic powder that is attached to the paper by the “fusor wire” that is it is quickly melted. Thus it really does not stick to the paper by more than just a poor mechanical joint. So it’s actually very easy to remove by chemical, thermal or mechanical means. As an example if stored in a filing cabinet in hangers or folders simple light mechanical pressure over about a year can cause the print to transfer from the face of one page to the back of another it is on. In the case of plastic “document wallets” the stripping can happen in less than a year.

Clive Robinson • January 12, 2026 6:09 PM

@ Jeff,

It’s not the length as such, sometimes it’s a word.

In the UK we have a three letter word that means cigarette but in the US it can have a derogatory meaning.

So we might say we worked something out “On the back of a 549-packet”. But in the US you might say “on the back of a napkin” (oh and “napkin” has an entirely different meaning in some languages).

I found out this by doing a binary chop and attempting to post each piece or untill I’d issolated a sentence or word and change for equivalent meaning.

More often than not now I chop it up by sectioning and thus can just leave an entire section out unless critical.

That is if it’s an example or analogue used to explain a concept or idea it’s not strictly necessary, so it just saves time for not just ne but those reading as well.

Clive Robinson • January 13, 2026 1:21 AM

@ Jeff,

With regards the article you linked to, it’s very weak on technical details.

Being old school for a variety of reasons I have a number of machines “hanging around” that I used to do “data recovery” with as well as more normal drives that I used to do transcribing / transferance from one media type to another type. Even in the 2000’s as a “hobby / side gig” it used to pay for it’s self.

The problem with the smaller form factor magnetic drives is not just the data density taking track widths down into ever smaller “fractions if an inch” and getting comparable to the width of a hair. It’s the issue of the ever more complex way bits get squeezed into symbols that are not compatible with each other. Thus you have two fun things to consider at the physical layer.

1, media to read head alignment.
2, recording encoding decoding.

Alignment can be done by taking an existing drive apart and building a “cross slide” mechanism adjusted by mechanical micrometer screw thread measures (though these have become a rarity as well). And all built into an Enviro-Stabo box that gets every thing to a known temperature and humidity and keeps them there for extended periods of time.

The reason for using a “cross slide” rather than a just “pushing the spindle” is again a function of stability both physical and environmental.

If you were to build such devices as a business proposition in Europe or America, you would be challenged. Because the number of people under thirty who can “set a lathe” for instance is vanishingly small. When I was “at school” back in the 60’s/70’s every boy and later several girls were taught it in “shop class” with hands on experience in a little “tool making” such as making “screw and nut gauges”. At a collage I went to the shop master was a nice bloke but his “final test” was to give you a stick of chalk and tell you to “turn it down and bring it back” then after that “go put a thread on it” the unsaid part of the test was being able to recenter the work piece after it had been removed from the tool for inspection after turning down. It later stood me in good stead when designing microwave systems and making custom dialectric tuning mechanisms for waveguides.

But even if you can find a person who can do it finding the likes of “watch maker lathes” is a near on impossibility as they are highly cherished by the few that own one and they don’t want to wear them out.

Whilst “one man’s treasure is another man’s junk” scarcity has turned that “junk” into “accidental historical artifacts” and obtaining and curating them even by museums is a task they can nolonger do.

So manufacturing in a bespoke way is close to impossible as a business proposition in “The West”. Even in the Far East in “The land of CNC” whilst there is great precision available, the knowledge to produce odd shaped pieces has vanished as well.

Around 2005 I had a need to make “coil winders” for manufacturing FM Broadcast Transmitters. Mechanically it’s a simple task you “close wind” on a reduced diameter mandril then put the close wound coil on a forming mandril that forces the coil to the correct diameter and winding pitch. You can turn down two mandrils for doing it manually but it’s not the way you want to go if you want more than ten or so coils a day. Trying to explain what was wanted even with spot on mechanical drawings proved lets just say “challenging”. I later heard from the one Chinese company who did do it was that the “sales rep” went and got her great grand father long since retired in as a consultant because he had made aircraft parts on a shop floor in the 60’s.

The simple fact is computers “have” and I suspect AI “will” in it’s turn further reduce us into “Skill desserts” thus loose manufacturing capabilities to those that can still cling to the tail of the “S Curve”. And no Politicians dream can bring such desserts back to productive fields of production.

But “moving on” in the article references we see at 38,

Päivi Maaranen, “Antiquities, Ancient Monuments and Metal Detectors: An Enthusiast’s Guide,”

One lesser known fact but obvious when pointed out is “Metal Detectors” are to magnetic media, “like a flame thrower to a pile of paper in a waste bin” ie not conducive to information retrieval in any conceivable way…

And that’s the issue with archives, they are not about the media but the information impressed or modulated on matter or energy loosely at best attached to the media. A thousand year old book is a historical artifact by definition. But it only becomes of use thus interest above “interesting object” when the information can be retrieved and used. Thus not only does the information have to be “intact” it also needs to be “intelligible” and entropy does it’s damnedest to prevent both.

Clive Robinson • January 13, 2026 5:23 PM

@ Bob Paddock,

With regards the black backing sheet it’s so the holes you’ve cut out are clearly “redaction” to any eye or camera.

As for the yellow dots also called the “constellation EURion” originally they were just anti-counterfeiting and built into the printer it’s self. Then the muppets in the Secret Service and FBI with the input of the DoJ decided to also encode the printers serial number in their placement… Old School Black and white photocopiers did not have them where as networked printers do, along with printing out the IP address.

Microsoft eventually got involved and the various names etc that get hidden in file meta data also get sent to the printer driver in I think it was Win ME and Win NT SP2 onwards. And are “allegedly, still in there now in Win 11.

I must admit I’ve no reason to have gone looking, as I very rarely print anything out except on a centronics interfaced Epson Dot Matrix printer that can print on “3 ply” fan fold paper.

Things around the constellation EUrion are supposed to be secret but the info had leaked from Ross J Andersons group at Cambridge Uni a decade or more before Ed Snowdon released his cache of documents that apparently talked about it.

Clive Robinson • January 15, 2026 2:40 PM

@ lurker,

“… the sad example of a .docx document. … Plenty of room for skullduggery, including prompt engineering.”

Ahh the joys and trepidations of meta-data in files formats and instances.

I guess it’s a reason to expand the usage of,

“Paper, Paper, Never Data!”

Into the AI Agent age.

But as I’ve indicated there is the issue that “prompt engineering” can not be stopped due to the use of the equivalant of “simple crypto” that I as a malicious actor embed so that the dangerous prompt is hidden behind a code or cipher with the key already given to the LLM DNN memory.

So I can encode / encrypt and the LLM can decode / decrypt, but the “observer” of any automated guard rails or filters can not.

As this “can not be avoided” all you can do is mitigate…

By running your own LLM “hard segregated” from the Internet and all external communications etc.

But that in effect ties the AI agent to being no more than,

“A local database query system.”

Which in most cases of AI Agent Workflow effectively makes them fairly useless.

Clive Robinson • January 15, 2026 9:10 PM

Broken into parts due to black hole of automod

Part 1,

@ V. Serge, ALL,

Starting backwards,

“I would have urged them to transport your files by qr-code .mp4, off of and onto the air-gap, rather than via USB drives.”

When it comes to “gap crossing” I never recommend USB devices be used not just “USB drives” but ALL USB devices. As they are extremely problematic at the best of times especially with Windows and other OS’s that have “auto-run” features.

Though few realise it many USB devices come with their own in built memory to load device drivers and the like “auto-magically” for the user… Great for “Plug&Pray” operation but an easy way to get malware from machine to machine.

USB is a security nightmare from start to finish. And why I looked at it as a way to get malware onto “voting machines” long before stuxnet was deployed.

Clive Robinson • January 15, 2026 9:46 PM

Part 3,

As for Tor, in the past I’ve gone through why you should not use it and things that need to be fixed in it, that still are not… I always ended up getting attacked by fanbois who would spout nonsense I assume because they had certain predilections and cognitive biases. Over the years the things I’ve pointed out have been shown by others to be true so draw your own conclusions…

But it’s not much comfort to the relatives of executed CIA sources in Iran and China if what has been reported subsequently and claimed as true, is true. Either way Tor is a classic example of why you don’t “roll your own solutions” when it comes to “Information security in electronic communications networks”.

I would not even use it just to hide a minor p0rn habit as you would be a lot safer going and buying off the top shelf at some random corner shop.

Clive Robinson • January 15, 2026 9:54 PM

Part 5,

If you look up Telegram and WhatsApp security failings you will find things I’ve warned people against sitting at the root of them.

Importantly I explained about the security and communications end points issue on a single user device and why that gave “user interface access” to a remote attacker. Thereby “end running” all crypto with ease so even “End to End Encryption”(E2EE) was a bust…

It’s now called “client side scanning” and Apple were the first to build it into their products.

Based on the caterwauling of ignorant persons of authority using the “think of the children” dog whistle of “supposed” epidemic of CSAM.

Clive Robinson • January 15, 2026 10:01 PM

Part 7,

Trying to get Part 2 through automod has proved so far impossible…

Why I’ve no idea and it’s something that is driving people away from this blog…

Any way have a read of,

‘https://soatok.blog/2026/01/04/everything-you-need-to-know-about-email-encryption-in-2026/

Clive Robinson • January 15, 2026 10:16 PM

Part 9,

As for using “GNU Privacy Guard”(GPG). That’s really a “there be dragons” warning these days.

Back a decade or so ago it was called out in “Why Johnny still can’t encrypt” for it’s poor user interface that even experts have difficulty using it, let alone using it safely.

And more recently a 39C3 talk at the end of december 2025 it’s been warned against. Because amongst other things it’s dated in all manner of ways that make it insecure…

You can go look the talk up, but the link I provided above is a more gentle write up with several other related helpful links.

Clive Robinson • January 16, 2026 7:19 AM

@ Bruce,

One you should read, it’s about striping away “pseudo random” noise, jitter and similar used to disguise voice traffic, thus clean the voice traffic up to make it better suited for faux-traffic generation.

I’ve warned in the past that just using random faux-traffic to hide true-traffic in is really a very bad idea as at its simplest the true-traffic can be “averaged out of the noise”.

This now shows how it can be used by cyber-criminals and similar to their advantage and most others disadvantage,

VocalBridge: Latent Diffusion-Bridge Purification for Defeating Perturbation-Based Voiceprint Defenses

“The rapid advancement of speech synthesis technologies, including text-to-speech (TTS) and voice conversion (VC), has intensified security and privacy concerns related to voice cloning. Recent defenses attempt to prevent unauthorized cloning by embedding protective perturbations into speech to obscure speaker identity while maintaining intelligibility. However, adversaries can apply advanced purification techniques to remove these perturbations, recover authentic acoustic characteristics, and regenerate cloneable voices. Despite the growing realism of such attacks, the robustness of existing defenses under adaptive purification remains insufficiently studied.
Most existing purification methods are designed to counter adversarial noise in automatic speech recognition (ASR) systems rather than speaker verification or voice cloning pipelines. As a result, they fail to suppress the fine-grained acoustic cues that define speaker identity and are often ineffective against speaker verification attacks (SVA).“

https://arxiv.org/abs/2601.02444

The “Ethics Consideration” section makes a fairly good management style overview,

“The rapid advancement of speech synthesis technologies has ensued a race between voice cloning techniques and protective countermeasures. By highlighting the flaws in the existing perturbation-based countermeasures, this study adds to this adversarial dynamic. We recognize the work’s multifaceted implications; while the primary motivation is to assess the robustness of existing safeguards and thus motivate the devel-opment of more resilient solutions, the proposed Diffusion-Bridge purification model also serves as an effective method for circumventing those same safeguards. We firmly believe that the potential benefits of enhancing safeguards against unauthorized speech synthesis and voice cloning far outweigh the risks of misuse of our findings, particularly as we intend to not make our source code publicly accessible.

…

The results of our work highlight an urgent need for the community to rethink perturbation-based approaches and explore fundamentally new strategies for safeguarding voice data. Future protection mechanisms must be designed with robustness to advanced preprocessing and purification in mind, ensuring they remain effective as adversarial capabilities continue to advance.”

Clive Robinson • January 16, 2026 1:59 PM

@ V. Serge, ALL,

I’m not the only one who regards Tor as bad news for non expert users (of which there are darn few).

Have a watch of,

https://m.youtube.com/watch?v=tLygDs9EiBk

It’s from Addie LaMarr and is quite recent so fairly upto date.

She explains some of why playing with Tor is not a good idea –but there is more so much more wrong with Tor– and shows it from the perspective of “who’s watching” you… And without actually saying it why most are painting targets on their back by using it, that they would not otherwise do…

Clive Robinson • January 18, 2026 5:45 AM

@ lurker, Winter,

Is AI the new VR for Meta and Zuck to play his own game of Doom?

You note that,

“Why, ChatGPT, now to put ads on your chats to pay for the sundries…”

A sure admission that,

“AI ain’t bringing home the bread.”

Thus the pivot to a financial model that other US Mega Corp’s rely on.

But consider three things,

1, The Ads market is not what it was even a year ago… and finite, if not now actually shrinking.
2, It’s a rigged market, to hold 9/10th of the money in just a couple of Mega Corp hands.
3, The near monopoly Ads market players are not doing well with AI either.

As @Winter notes,

“Enshitification will engulf all of the major AI companies. It will do so as it has done with all online “free” or not so free services…”

So a case of “not a good move”.

But if the “runway” is nearly at it’s end, and you have not taken off and you have no “moat” to hold barbarians and their siege engines away from your walls… What to do?

But it also means it’s not a good time to go all in on AI and probably not to pivot to it…

Which is apparently what the Zuck has decided is the way to take Meta after so much lost on Metaverse.

Smells like a double down on failure of not just imagination.

Suck-a-berg has had a string of double downs on failure outside of what was his “Core Value” for the past few years and the few successes were “bought in” not “home grown” and some saw them as “buying up the competition”.

We know from his own words that he is going to add ChatBots Galore to his social networking core to try and stem the hemorrhage of users with “Social Media Apathy and Death” as those “Silver Surfers” go the way of all things and “age out” the market as the upcoming “ouths are not that interested” they want to be consumers not producers or worse “product”.

So Suck-a-berg is apparently going all in on AI when most are saying

1, No ROI
2, No productivity gain
3, too high a cost in clean up

The fact is AI is not at the point of being a fresh faced teenage intern for “General Activities” the level of “hand holding / supervision” required is high very high.

And we know Current AI LLM and ML Systems have a “Memory Issue” so they currently “don’t learn on the job”…

So people are actually talking about “Fem-bots” being the future for “singletons” who might still have a job that as a result gives no time for a social life… And thus it being the best chance for AI based recently on that quaint desk top 3D Hologram Manga-fairy exhibited at CES earlier this month…

Read more about Suck-a-berg pivoting Meta away from Metaverse in The Register article,

Meta retreats from metaverse after virtual reality check

That went well

“Imagine changing your popular brand to capitalize on an emerging tech trend that never emerged. Mark Zuckerberg did just that, and now Meta is backing away from the virtual reality business in which it invested billions.

In 2025, Meta’s Reality Labs division, responsible for the company’s various VR projects, posted a $4.2 billion loss in the first quarter. AI is in, the metaverse is out, and around 1,000 jobs are reportedly being shed from Reality Labs.“

https://www.theregister.com/2026/01/16/meta_quest_horizon_workrooms/

What the article does not include was the initial share price slump when Suck-a-berg launched the “VR revolution” that he threw the whole company direction into… if memory serves it was about 1/4 of the then company share value.

But also consider “the wider circle” effect to come on the local economy of 1000 high paying jobs gone in what is already a recession in the area…

Lets hope they can “Pivot to AI” or some other job market… Because

You should also consider what the wider still effect on the US economy as a major tech stock jumps into the all ready collapsing AI hype…

Something tells me Meta share price is going to very noticeably change on stock opening and the rest of the week to come…

The question then is “Where next for America’s Tech Stocks” and the whole rest of the US economy which is at best “stagnent”…

There has been comment that one organisation alone has taken over 2 trillion out of the US stock market and taken it out of the country[1]

As we know from Apple and others, when they take money “Off Shore” US tax law has so many disincentives to “bringing it back”…

Any one think that the Orange Trumpeter knows how to play the right tune to get America back on the dance floor?

No me neither, he did aftercall wipe 4trillion off of US stocks last year with just one tweet. And the rest of the year much of the market kept sinking…

[1] There are stories that BlackRock are “moving out” $2.1 Trillion from the US and it is true in that they are getting out of US Gov bonds (probably due to the Orange Trumpeter). Also they are increasing Global Investments by that amount. You can read more at,

‘https://time.i.ng/2026/01/13/is-blackrock-moving-2-trillion-dollars-out-of-the-usa-in-crypto-and-other-assets/

But consider,

“BlackRock’s assets under management rose to $14.04 trillion in the quarter, up from $11.55 trillion a year earlier.”

https://www.reuters.com/business/blackrock-fourth-quarter-profit-rises-etf-inflows-index-fund-demand-2026-01-15/

It looks like they are behaving quite reasonably there. Even though they have recently axed 250 jobs and for some pivoted way to heavily into AI and crypto last year.

Clive Robinson • January 18, 2026 10:32 AM

@ Winter, lurker,

You might find this of interest,

https://m.youtube.com/watch?v=fWIFJk2JUdY

Whilst it’s from an individuals view point it demonstrates wider concerns that feed directly into various types of security concerns.

And it also indicates just how far things are separating and straining.

A view from another person summed it up,

“The more you work the more you have to use fast at the price asked, but ask who are you actually working for?”

I don’t think enough people are asking that as Hi Tech Firm bosses especially expect 14-16 or more by 6 or 7, but only renumerate for at best 8 by 5… so you get less than half the time rewarded. It is they not you that get fat on your labours.

And they are absolutely desperate to get AI to replace you, so they get more…

But if you don’t have money to spend they are in effect cutting their own throats as there won’t be customers with sufficient income to buy their AI “slop created” products.

As Cory Doctorow succinctly pointed out at the end of the year the US in particular has an issue that is simply “Your boss hates you” because they know they are mostly the unwanted imposters not those who turn up and do the actual work.

Back in the 1980’s there was that book “The empty overcoat” that started “down sizing” by cutting out middle management and supposedly replacing them with ICT.

It turned into a disaster for many because it removed built up institution knowledge that was needed whenever there was even small change. So the enterprise got increasingly hollowed out from above and the first minor external puff and the whole house of cards edifice colapsed.

So what did those that survived do? Yup they “off shored production” to the Far East… What did that get them?

Well total loss of production to over seas organisations that cery quickly did not need the US company or it’s over payed managment…

What did that lead on to?

Well after just a year I think people around the world can see what is turning into a civil war. The first shots have been fired and it probably won’t ve long untill the military are out on the streets…

A US founding father warned about this with,

“The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants.”

Sent in a letter dated 13th November 1787,
https://founders.archives.gov/documents/Jefferson/01-12-02-0348

The only two questions arising for history will be,

1, How much blood?
2, From whom?

The other W questions of “When, Where, Why, etc…” Won’t really be recorded with any accuracy and will get argued interminably. Untill the flags come out again to be waved, the drums to be banged, sabres to be rattled. With thoughtless rhetoric trumpeted out loud to stir the blood and gird the loins…

Of those poor fools that even Shakespeare spoke of with pity and sadness. Their “manhood held cheap” by those conspiring for power and control.

Clive Robinson • January 20, 2026 2:13 AM

@ Bruce, ALL,

The legacy of BadBIOS

Back at the end of October 2013 Dragos Ruiu had communications with a journalist about research he was doing. And importantly what he thought was a new form of malware that crossed “air gaps” and enabled the likes of SigInt agencies to re-infect computers.

It was just an angle that Dragos Ruiu was investigating but the journalist turned it into public knowledge, pesipitating a whole series of events.

When @Bruce blogged about it the level of incredulity that was expressed was somewhat eye opening to be honest and claims were being made that Dragos had not made. Likewise “technical details” that were questionable were being thrown in to the mix… So I posted a response to try and get correct information on the thread,
https://www.schneier.com/blog/archives/2013/11/badbios.html/#comment-209129

Things started to get better technically and @RobertT threw in some much needed industry info.

I also made a comment with this “crystal-ball” comment included,

“However of one thing we can now be certain, if such malware did not exist prior to this point it will now be developed by any number of entities because it’s been shown with enough detail for the average under grad to stitch it all together as a project in a week or so…”

Which was a fateful prediction.

Further down I made it clear how to actually go about doing it, the fact there was a gaping hole in security due to “loading I/O drivers before booting from disk” by reading the ROMS on the I/O card and the fact I was experimenting…

You can see that I proved it was actually easily possible even on old PC hardware over on the accompanying “squid page”.

That should have put an end to it but it did not. People were still claiming it was not possible…

What did happen was at the end of November 2013 a couple of CompSci students Michael Hanspach and Michael Goetz did a very similar thing with a couple of laptops in a Uni corridor.

Then those blow hard deniers either shut up or muttered, whilst others claimed that they’d known all along it could be done but Dragos had got it wrong “yada yada yada”.

Importantly though all of a sudden the world had a new tool to use for all sorts of things… But mostly “spying on people” for amongst other things “advertising”.

What happened with it became a bit of an eye opener but I’d moved on to other things…

So this is the point where someone else can “take on the implications” in this video from a couple of days back,

https://m.youtube.com/watch?v=EVzhDH2q1Bs

Clive Robinson • January 20, 2026 2:43 PM

@ lurker and others…

It looks like we are having fun with “Space Weather” at the moment with CME’s poping of big time last week and things still remaining active.

This has caused radio blackouts and GNSS issues and the FAA had “Red Warnings” several times.

Thus global communications both physical and informational were “unpredictable”

Well the “Space Weather Woman” has done a “live stream”,

https://m.youtube.com/watch?v=xFdgmQMOSas&pp=0gcJCYcKAYcqIYzv#

But jump into +8mins as she had a “technical failure” at her end that made early audio not usable.

Clive Robinson • January 21, 2026 9:30 PM

@ lurker,

It’s interesting to note that although California has had wildfires, it has not had a drought this past year, for the first time in living memory…

And so in return I offer you,

https://m.youtube.com/watch?v=flsgJe8mN-A

A very Security and AI related speech from the WEF meetinghouse.

I must admit that I had suspected the tables were turning after the change that 9/11 brought. And in some ways I’m surprised it’s taken this long to be said…

But as was pointed out the other day the only Sovereign Nations in Europe are France and the UK because they have the means and delivery to “punch back” the others don’t. It’s why I said we need to see where EU nations put their increased defense spending. The US Executive wants it all to build up US Power on every one elses dime, and that is what the Executive was pushing for.

Personally I think the EU should spend within the European borders it’s what the “Security Action for Europe”(SAFE) initiative is supposed to be all about. Along with select partner nations that do not contain authoritarian leaders. Canada is one such select partner and has already signed in, certain nations around the South China Seas could well be signing in as well in reciprocal arrangements.

But the Canadian Premier is right, the old rules based mirage is over and we need to react appropriately to a changing reality.

The effects it’s going to have on all forms of “Security” is immense, and this is an area where AI will become important not in the “broad general” generic sense but in the “narrow vertical” highly specialised sense where it works well and delivers (as alpha fold has shown).

As I’ve indicated recently I think the US Economy is in for some very hard times in the very near future. And as has been noted in the past “staving people do desperate things” including “dog eat dog” behaviour. Whilst I’m not suggesting that the US citizens will behave like Russian peasants in the 1921/22 famine, I am saying that morally I suspect they will do so because of the weak cohesion and rapidly weakening social fabric that is clearly showing and getting through to the rest of the world currently.

Clive Robinson • January 22, 2026 8:30 PM

@ Bruce / Moderator,

Can you remove the Part 1, and Part 2, from me above please, as the original held for moderation appeared after I’d posted them.

But onto something that is in some respects quite funny, as the title will show

AI conference’s papers contaminated by AI hallucinations

“GPTZero, a detector of AI output, has found yet again that scientists are undermining their credibility by relying on unreliable AI assistance.

The New York-based biz has identified 100 hallucinations in more than 51 papers accepted by the Conference on Neural Information Processing Systems (NeurIPS). This finding follows the company’s prior discovery of 50 hallucinated citations in papers under review by the International Conference on Learning Representations (ICLR)“

https://www.theregister.com/2026/01/22/neurips_papers_contaiminated_ai_hallucinations/

I don’t write “formal papers” any more. Mostly as they could not be “put in public journals” but as importantly because they are just a pain when it comes to references, that in some “knowledge domains” are little more than “log rolling” you scratch my back and I’ll scratch yours lists that can go on for pages…

It’s fairly clear from the subject of the article quoted above that increasing numbers of academics are tired of curating the darn things as well.

But there is another danger involved. Once long ago papers were almost never withdrawn, but that is nolonger so. The credibility of your paper then hangs in part on the status of the papers you put in your references list. Likewise there might be nothing wrong with a paper, but for some reason one of the authors might have fallen into some form of “cancel culture” attack and you get slapped with the tar-brush and feathers as a “supporter of XXX who is a YYY” etc.