Comments

Clive Robinson March 20, 2026 8:37 PM

@ ALL,

Final report on SW Europe blackout.

I know this is likely to be of limited interest to many. But it is an aspect of security that is going to become more relevant as,

1, AI data centers stress the grid.
2, Solar/Wind multipoint feed-in to the grid increases.

28 April 2025 Blackout

The final report of the Expert Panel on the 28 April 2025 blackout in continental Spain and Portugal identifies the causes of the blackout and outlines recommendations to strengthen the resilience of Europe’s interconnected electricity system.

https://www.entsoe.eu/publications/blackout/28-april-2025-iberian-blackout/

Clive Robinson March 20, 2026 9:55 PM

@ All US tax payers.

US Tax Software has a serious backdoor in it that is not being addressed or fixed.

Yup as it’s getting toward that time when you have to do your tax a lot of US taxpayers world wide turn toward software for assistance.

Well it turns out one supplier is sending it out with a significant back door they are not addressing…

Worse they have included the private key so anyone can use the back door to do things you would rather they could not[1].

The person who found it says of it,

H&R Block tax software installs a TLS backdoor

“here in the US because tax season is coming up and some of you may be using H&R Block Business 2025. I discovered that the software installs a root CA named “WK ATX ServerHost 2024” (expiry 2049) into your local machine trusted root certificate store. They also helpfully include the private key to this certificate in a DLL file. This certificate does not identify itself as “H&R Block” anywhere and does not get uninstalled when you uninstall the software.

I’ve been able to successfully use this root CA + mitmproxy to manipulate TLS traffic on a brand new virtual machine on the same network with a DNS spoofing attack.”

Read the rest at,

https://news.ycombinator.com/item?id=47457162

[1] This sort of backdoor is why I talk about using two computers that are “suitably gapped” with,

1, One used to do Private things and never gets connected to any external communications.

2, The second being used to connect to external communications but is never used for Private things.

This way such “back doors” can not be reached or (ab)used.

ResearcherZero March 21, 2026 7:42 AM

The Nuke Bros from DOGE are happy to expose you and your children to radiation.

https://arstechnica.com/science/2026/03/doge-goes-nuclear-how-trump-invited-silicon-valley-into-americas-nuclear-power-regulator/

One of my favourite bedtime tales …

On the first day, humanity and all living beings in the surface disappeared.

On the second day, all traces of life disappeared from the world.

On the third day, the Sun and the Moon fell, and day and night ceased to be.

On the fourth day, the earth sank and all was flooded.

On the fifth day, the ocean and the sky vanished.

On the sixth day, light was extinguished, and all was enveloped in chaos and darkness.

On the seventh day, the calamity completed its work, and in the joy of rest, it wept in silence.

This is the beginning of the Seven Days of Fire.

Winter March 21, 2026 10:44 AM

@ResearcherZero

The Nuke Bros from DOGE are happy to expose you and your children to radiation.

I understand there is a Conservative, extremist, movement in the MAGA&Project 2025 circles that believes there are too many people in the world. Especially, too many people who are not Orthodox White Christians.

A preferred solution is too reduce the number of people living on Earth.

There are several policies in place to achieve that:

  • Stop all aid to poor people, eg, USAID
  • Stop vaccinations and health care in general, worldwide
  • Speed up climate change by burning more fossil fuels (climate change kills mostly non-whites)

Wars and tariffs are mostly used for enrichment, but they also do lead to population reductions.

A nuclear “accident” in Mormon Utah might be a feature in this view.

Winter March 21, 2026 11:49 AM

Continued…

@ResearcherZero

The Nuke Bros from DOGE are happy to expose you and your children to radiation.

In this light, the race for AGI gets a different meaning.

Companies are eagerly firing employees and replacing them with AI, or so they say. I often hear the question who will buy the products when nobody has a job?

But we live in a bipolar economy, with some rich and many poor people, and no one in between.

When productivity increases enormously with AI, there are less poor people needed to do the work. Making them go away results in less provisions needed for poor people, leaving more “economy” for rich people.

This has happened before with horses. Before the mechanization of agriculture, about 20% of the land was needed to grow food for the horses working on the land. After the mechanization there was no question about what should happen to the horses and the land used to grow food for them. There a much fewer horses nowadays than there were then. [1]

The ideal situation for the Tech MAGA Bros is when companies, factories, and armies are run totally on AI and robots, the Dark Factories they already have in China. In that case, the economic output does not have to be shared with any poor people anymore.

Note that MAGA, and the Red Mad Hatter want to make America Great. They never talk about making Americans great, or even something like improving their lives.

That is because they believe a Great America has only a minimal number of Americans left.

MoreNewsForSquidDay March 21, 2026 3:46 PM

Other security news in this last week:

https://agelesslinux.org/

The spirit of defiant freedom is still alive in some of the Linux community, that site is making a point of defying California’s diktats.

The question is whether anyone will stand up for the long suffering people of Brazil who are being subjected already to a far worse regime (actual verification of ages, meaning identifying people simply to use local computer software) than California’s (no immediate harms from asking an age to be typed in with tick-if-you’re-honest levels of ‘verification’, though California’s acts are still dangerous as they start a slppery slope and require data collection which goes against the spirit of FOSS) plans to be.

https://reclaimthenet.org/brazil-digital-eca-age-verification-law

The Ageless Linux site is planning a campaign to mass produce very cheap devices which can still fulfil the definition of an Operating System as per California’s law well enough to be in violation of it, will they ship to Brazil too?

I fundamentally disagree with the legalistic thinking which seems to expect a “consult legal advice before doing anything” attitude whenever discussing controversial things. But I will say, that ageless linux concept uses a terminal script, and requires root permissions to run, absolutely consult the bash script and understand in detail what it does before deciding whether to try it. Unlike spending a life submitting to a priestly caste of lawyers who think everything needs approval under some or another statute, understanding bash scripts is healthy for you and is a skill well worth developing.

Clive Robinson March 21, 2026 4:54 PM

@ Research Zero, Winter,

With regards,

“The Nuke Bros from DOGE are happy to expose you and your children to radiation.”

The Tech Bros in DODGiE are not an Oversight or Safety organisation. In fact the very opposite.

The NRC are and the fact that as the article notes Trump and his DODGiE Bros see them as,

“The NRC has critics, especially in Silicon Valley, where the often-cautious commission is portrayed as an impediment to innovation. In an early salvo, President Donald Trump fired NRC Commissioner Christopher Hanson last June after Hanson spoke out about the importance of agency independence.”

The fact that the NRC are,

1, Necessarily “often-cautious”
2, An “impediment to innovation” by the “Run fast and break things” methodology espoused by DODGiE Bros.
3, “Independence” of industry and political “power players”

Are most would consider “a good thing”.

For those that think otherwise a caution from history. On the 30th September 1999 there was a “criticality event” now called the ”
“Tokaimura Tragedy”.

You can read a report on the Tragedy from,

https://world-nuclear.org/information-library/safety-and-security/safety-of-plants/tokaimura-criticality-accident

For those that prefer a visually and little more human aspect,

https://m.youtube.com/watch?v=ecXWHQaDrN0

(The fact that the link ending is in effect “Who a Dr NO” with Dr NO is a book/film about a single person blowing up a nuclear island supposedly based close to Japan is not lost on me).

But in the report we find a rather important point,

“The 1999 Tokaimura accident occurred in a small fuel preparation plant operated by JCO (formerly Japan Nuclear Fuel Conversion Co.), a subsidiary of Sumitomo Metal Mining Co. The plant supplied various specialised research and experimental reactors and was not part of the electricity production fuel cycle.

three workers were preparing a small batch of fuel for the Joyo experimental fast breeder reactor, using uranium enriched to 18.8% U-235. It was JCO’s first batch of fuel for that reactor in three years, and no proper qualification and training requirements had been established to prepare those workers for the job.

According to the IAEA, the accident “seems to have resulted primarily from human error and serious breaches of safety principles, which together led to a criticality event.” JCO conceded that it violated both normal safety standards and legal requirements, and criminal charges were laid. The fact that the plant is a boutique operation outside the mainstream nuclear fuel cycle evidently reduced the level of scrutiny it attracted. The state regulator had visited the plant only twice per year, and never when it was operating.”

Importantly note,

1, “plant is a boutique operation outside the mainstream”.
2, “reduced the level of scrutiny”
3, “regulator had visited the plant … never when it was operating”.

So a “Cats away the mice will play” situation made worse by the fact the cat was mostly elsewhere and blind to what the mice were upto.

But consider further,

“similar criticality incidents have occurred, especially in US and Russian military plants and laboratories

The last of these was the single previous criticality accident at a commercial fuel plant, in USA”

A situation that will almost certainly happen with the Tech Bros and their mad schemes for “on site” nuclear power” for all those AI data centers. Who have the ethos of “run fast and break things” and are also thick in with the DODGiE Bros and MAFIA Boss…

Also having ensured that the only “oversight” of the NRC has been neutered…

Winter March 21, 2026 7:10 PM

@Clive

[criticality nuclear incidents] that will almost certainly happen with the Tech Bros and their mad schemes for “on site” nuclear power” for all those AI data centers.

This is not a matter of excessive risk taking. This is a policy that considers casualties as Survival of the Fittest selection, a way to improving the population. This is deeply rooted in Republican political thinking.

See:
Only the Strong Will Survive? American Echoes of a Dark Past
https://www.newsweek.com/only-strong-will-survive-american-echoes-dark-past-opinion-1576321

On February 16, as millions of Texans entered into a second day of freezing temperatures, power outages and water restrictions, Colorado City’s former mayor Tim Boyd chastised his fellow Texans on Facebook for being “lazy” and “looking for a damn handout!”

Boyd’s comment, in particular that, “Only the strong will survive and the weak will parish [sic],” is a near-perfect distillation of Social Darwinism, the ideology that powered Nazi dogma. It should alarm every American

Take for instance Texas Lt. Governor Dan Patrick’s remark about COVID restrictions in March 2020: “Those of us who are 70-plus, we’ll take care of ourselves. But don’t sacrifice the country, don’t do that, don’t ruin this great America.” In short, the strong will survive and the weak apparently aren’t as important as the economy.

NowhereMan March 22, 2026 9:41 AM

@Clive Robinson

Ref : “Clive Robinson March 11, 2026 4:16 PM”
“The Pachyderm in the room is to[o] big to be seen”

You probably have not seen this :

Here is, Sir, another little-known version of your pachyderm story that you might not know and that you might appreciate, should you read the full novel which is excellent satire (there’s a funny paragraph about American wars, too) :

gutenberg.org/files/1930/1930-h/1930-h.htm#link2H_4_0016

(I repost just in case ; won’t do it again.)

lurker March 22, 2026 6:03 PM

@Clive Robinson, ALL
re Iberian blackout report

The “Root Cause Tree” diagram is fascinating. It first appears on p.23 and is repeated through the document. I can see two positive feedback loops in this diagram. Some of the blue boxes containing the primary cause agents, also contain a number of unstated sub-causes.

My previous observation that the European Grid is approximately a half wavelength long at 50hz is recognized by the East – Central – West oscillation mode. Attempts to dampen this led to instability within the Iberian grid.

Premature disconnection of fixed power factor generators, mostly identified as solar PV, led to an increase in the phase angle across Spain. It occurrs to me that one simple old-fashioned fix for this could allow for PV installations to contribute to reactive power absorption, and provide inertia to the system, but would mean increased capital and maintenance costs and possibly require more skilled operators on-site: use rotary converters (motor-generators) instead of inverters.

cata March 23, 2026 4:05 AM

https://www.theregister.com/2026/03/20/cryptographer_nadim_kobeissi_rustsec_ban/

if true , some pretty big fallout will be with us pretty soon.

TLDR :
“”So basically there’s thirteen vulnerabilities. But let’s just focus on two, which are the really, really crazy ones that really need to have RustSec [publish security advisories] because they involve libraries that are being used by Signal, OpenMLS, Google, SSH, Linux kernel, all sorts of places.

“In both cases, I would argue, the vulnerabilities are critical. One of the vulnerabilities leads to full plain text recovery and message forgery – full key recovery for all messages after 2^32 encryptions. And the other one is a denial of service vulnerability. So the first one was actually deployed in Signal and in a bunch of other places. And so I felt it extremely important to have an advisory issued for this.”

cata March 23, 2026 6:25 AM

some clarification in this video:
https://www.youtube.com/watch?v=TdOXza1-M_4
and from 54:18 , our guest Mr. Bruce Schneier is acknowledged a father of security theater, in context of formal verification theater.
credit where credit is due.
methink this is big.and upsetting a lots of apple carts, so to speak.

Clive Robinson March 23, 2026 6:45 AM

@ lurker, cata,

You’ve both posted what at first appear entirely separate security risks. But if you express them correctly you suddenly realise they are interwoven,

1, Response time across a network.
2, Added delay by encryption and verification methods.

By “time” or the lack there of “delay” thus “latency” and the inverse of “time” which is “frequency” that limits “bandwidth”.

Latency and Bandwidth are what define just about everything in the computing and communications stacks and it starts at the lowest of the “unseen” “Physical Layers” and gets worse at every layer upward.

Like the bubbles in a “flute of champagne” the problems start invisibly small from flaws that no creature will ever see or feel and grow as they rise untill not just visible, they throw things into the air and make a mess (hence a “bubbling up” vulnerability / attack like “RowHammer”).

The time/latency/bandwidth issues are the hardest problems we have to solve, and thus the easiest point for attackers to disrupt or get access.

Traditional “block encryption” eats CPU cycles which means a long time to decrypt. “Message Authentication Codes”(MACs) are mostly just another form of “block encryption”. So both add a “metric shit ton” of “delay”

Even using “stream ciphers” for encryption does not solve the MAC problem. So two tricks are keep messages “very short” and “process before authentication” with “back out on fail” are considered.

But these methods create “vulnerabilities” open to an attacker of sufficient skill and resources at Level II/III (highly skilled individual / small Tech team through Major Corporate / Tech advanced Nation State).

Why does this matter?

Well consider the engines in a Boeing 747, some are from Rolls Royce that manage them in any part of the world remotely in flight in an engineering center in the UK. So that 400Million Gift to the current US President is “an ever present threat”. Similarly Formular 1 racing cars are managed in race from their “engineering HQ’s” many of which are in Europe but the Races are all over the globe.

Which brings us back to that European Power Grid, engineering has to run in time periods of less than of way less than 1/1000th of a second or the time it takes light to travel 300kM which is less than the width or length of a small nation state, let alone a continent.

In some cases you can “trick the system” by creating small zones that are “decoupled” as much as possible. This is possible but difficult with power grids by making them “DC coupled” with rapid energy storage in between. Thus replicating the “Fly wheel” “free wheel” effect of high mass rotators in gen-sets.

Another trick is to use “rolling average trends” or “predictive curve following” the laws of nature abhor sudden changes thus averaging techniques like “fast/early – ontime/insync – slow/late” tracking loops can be used to “pre-compute” what should be next. They don’t always work, but they can show up when unexpected events or interference of some kind is happening.

But such loops are also a vulnerability that a sophisticated attacker can exploit.

Most people at this point would loose interest and tune out.

But consider, modern warfare is not just becoming very “asymetric” in the Kinetic Weapons domain it’s also very much doing so in the so called “cyber domain”. I’ve indirectly talked about it in the past and it’s usually about the “army of one” notion that has just recently become a “hot button subject” due to “AI Agents” and “AI Vibe Coding”. But less obvious is the stupidity of certain national leaders taking warfare into the civilian domain and going after the things necessary for civilian life styles…

Consider just how integrated systems are in City environments where infrastructure of all forms is “centralised” in some way in the search to “make more profit” by “reducing costs” but also making everything way more fragile…

Then there is the over reliance on associated infrastructure. The communications infrastructure is 100% dependent on “power” and the modern power infrastructure is 80-100% dependent on the communications infrastructure.

By definition this can not be a stable system and it will not “fail safe” as far as society is concerned. At some point it will “cascade fail” to unusable.

All an attacker has to do is work out where the easiest and/or fastest point to cause a cascade failure is.

The more high tech and centralised the society you live in the way more vulnerable you are to “cascade failure” and the resulting “latch ups” an “army of one” individual located any where in the world can cause you.

Within a couple of miles of where I live there are three points that if attacked correctly will cut of the power to most of SW London, likewise the Water supply and also the back-haul for communications. The use of as little as 5kG of conventional explosives flown in by drone will stop the lot for maybe three weeks or more in each case. But coordinated it might tripple or quadruple the time, and Western civilisation is nowhere near ready to survive that long…

Now consider that drones and explosives are entirely unnecessary, just a hack into “grid control systems” will do the same. We talk about “China/Iran/NorK/Russian APT” in systems of the US and Europe or similar…

But do we consider “US APT” that they did against others, such as stuxnet, and more recently,

https://www.theguardian.com/world/2026/jan/03/why-trump-us-attacked-caracas-captured-venezuela-president-nicolas-maduro

Under the “Don-roe Doctrine” that the “Make America Facist In Anger”(MAFIA) Boss had espoused, it is the Right of America to en-slave and steal from the “Western Hemisphere” of both America’s from the North Pole to the South and as wide as he can argue that “by might is right” military action against civilians is the way to go…

‘https://www.theguardian.com/commentisfree/2025/dec/30/the-guardian-view-on-the-new-monroe-doctrine-trumps-forceful-approach-to-the-western-hemisphere-comes-at-a-cost

Which is against what are called the “articles of war” and are “war crimes” not that the US Executive care…

But even on the kinetic side things civilian infrastructure is being brought increasingly into the cross-hairs. As these two breaking news stories indicate,

‘https://www.reuters.com/business/aerospace-defense/czechs-looking-into-possible-russian-trail-fire-defence-factory-2026-03-23/

‘https://www.reuters.com/world/fuel-reservoir-russias-primorsk-port-fire-after-drone-attack-governor-says-2026-03-23/

With both being “very small team” type attacks that are “asymmetric in effect”.

JG5 March 23, 2026 3:03 PM

Quick question for @Clive or @Bruce. I had a recent moment of clarity and realized that you could use a deck of cards or a pair of die to generate keymat. I am too lazy to work out the number of bits of entropy per roll or per card, and more importantly how to map cards or numbers onto various sets of ASCII codes. Someone much smarter than I am, probably named Shannon or Thorpe, likely did this in their sleep. Even though passwords were less common in those days.

The real puzzle is that I don’t recall anyone mentioning this before. I still like the idea of a USB stick that provides endpoint security for a fleck of radioisotope to keygen. You could have a good go at keydist with endpoint security in the same footprint.

I continue to make what passes for intellectual progress on the old blue marble of entropy maximization. “War is the continuation of entropy maximization by the most efficient means ever discovered by humans.” – with apologies to von Clausewitz Bait-and-switch must be a close second to war for entropy maximization. “He kept us out of war” they said in 1916.

good thing that they didn’t retain the names, address, phone numbers, and emails of the tipsters

oh wait, what the fuh …

Hacker Reportedly Steals 8 Million Secret Police Tips from Gov’t Database
Intruder claims to have used social engineering and a security flaw to extract 93 gigabytes from the P3 Global Intel system…
https://headlineusa.com/hacker-reportedly-steals-8-million-secret-police-tips-from-govt-database/
Posted by Jose Nino March 20, 2026

Straight Arrow News broke the story and indicated that reporters had validated portions of the compromised material by making contact with tipsters whose identifying details were contained in the files.
https://san.com/cc/millions-of-anonymous-crime-tips-exposed-in-massive-crime-stoppers-hack-exclusive/

Emma Best, the group’s founder, declared that the material “provides excruciating detail” about a tip gathering infrastructure that “seeks to make everyone an informant.”
https://emma.best/2026/03/18/statement-for-the-release-of-blueleaks-2-0/

Clive Robinson March 23, 2026 6:38 PM

@JG5,

With regards,

“Quick question for @Clive or @Bruce. I had a recent moment of clarity and realized that you could use a deck of cards or a pair of die to generate keymat.”

If your dice are coloured so you can distinguish them appart (just colour in the spots with ball point pen ink)

You create a six by six grid which gives you “36 options per throw of the pair. Just use a newspaper or something similar to fill in the grid. I’ve discussed this in the past on this blog quite some time ago.

As for a deck of cards if you think about it there are 26 red cards and 26 black cards so just “dealing them out” in an appropriatly robust way will give you a “Key Stream Generator”.

The problem @Bruce discovered with “solitaire” is that small biases build up and thus cause the cipher to be weaker than it would otherwise be.

In the past I’ve used free running ARC4 along with a “pot stir” from two sources.

The first is by “Blum-Blum-Shub” random generator which is deterministic but “one way”, and a much less deterministic source such as time between user key presses or some asynchronous event in the OS.

Winter March 24, 2026 7:51 AM

@ResearcherZero

Computer says no

The cheapest health care is no health care

I know your link is for Australia, but we do know how deep the links with US conservatism go.

It all boils down again to Social Darwinism, where Hoi Poloi are seen like the chattel slaves of the mythical golden age when America was still great.

And what do you do with slaves and cattle when they have become unproductive?

https://centerforhealthjournalism.org/our-work/insights/did-medical-darwinism-doom-gop-health-plan

Indeed, the attacks on the ACA seem to have revived a survival-of-the-fittest attitude most of us thought had vanished in America long ago. Yet, again and again, there it was in plain sight, as when House Speaker Paul Ryan (R-WI) declared: “The idea of Obamacare is that the people who are healthy pay for the people who are sick.” Contemporary language, but the same thinking that sank President Harry Truman’s health care plan almost seven decades ago.

The link contains many historical quotes that are just waiting to be uttered by MAGA and GOP mouths.

Clive Robinson March 24, 2026 8:52 AM

@ ResearcherZero, Winter,

With regards,

“A new algorithm is rejecting aged care and disability assistance for vulnerable people.”

And,

“I know your link is for Australia, but we do know how deep the links with US conservatism go.”

It’s not just Aus or US where this is happening the UK is as bad if not worse.

You get told about all these “wonderful services” you can access by the “Social Care” workers / industry…

The only problem is they don’t tell you unless you ask “who’s paying?” Then they prevaricate untill you finally get them to admit “you do” with a lot of interest with them waiting untill you are dead then they take your entire estate… Especially any home you have.

The plan is to grab your house and sell it off due to the “housing shortage” but… They find excuses to keep racking the fees up untill the estate is empty.

It happened to a friends parents, and he’s taken the “care providers” to Court to get the estate back…

Winter March 24, 2026 9:12 AM

@Clive

They find excuses to keep racking the fees up untill the estate is empty.

I think the parallel with cattle is fitting.

Clive Robonson March 25, 2026 3:49 AM

@ Winter, Bruce, ALL,

With regards,

“I think the parallel with cattle is fitting.”

There is worse still about to happen in the UK,

Social media bans, digital curfews and time limits on apps are to be trialled in the homes of hundreds of UK teenagers.

The test, led by the UK government, will see 300 teens involved have their social apps disabled entirely, blocked overnight or capped to one hour’s use – with some also seeing no such changes at all – in order to compare their experiences.

Technology secretary Liz Kendall said it was about “testing different options in the real world.”

“These pilots will give us the evidence we need to take the next steps, informed by the experiences of families themselves,” she added.

Children and parents involved in the government-led trial will also be interviewed before and after the pilot scheme to assess its impact.

https://www.bbc.co.uk/news/articles/cn89g3ngkyzo

So children at a very vulnerable part of their social development are going to be experimented on in a way that will effect them for the rest of their lives as the “Government” treat them like the “Smoking beagles” that so horrified people that such “research” was banned.

But of course it’s “All OK for “the Greater Good” if we handicap mentally and harm emotionally three hundred children, their families and friends.

We know from studying “Cults” just how badly people are effected by the psychological torture of Social Exclusion that was called in earlier times “Being sent to Coventry”.

This is such a bad idea we should try it on the politicians and their children first, that way the politicians might learn a little common sense and humility.

ResearcherZero March 25, 2026 5:57 AM

@Clive Robinson, winter, ALL

Social media bans target access instead of platform behavior.

Algorithms should be required to be submitted for mandatory independent auditing and research. This should be an open process with verifiable publication and reporting.

Age verification does not address safety issues or breaches of privacy. It does not improve transparency or make reporting of incidents of abuse and harm easier. It hides it instead.

The age verification partners are not open or secure either and collect large amounts of personally identifiable data. Many of them have agreements and contracts with government.

Persona for example runs many surveillance and financial intelligence functions that include biometric checks against watch-lists, flagged media checks, collection of a wide range of personal and device fingerprinting, government IDs, IP address, phone numbers, faces and further personal profiling. Companies like Persona can interface directly with the government and submit suspicious activity reports (SARs).

https://www.therage.co/persona-age-verification/

This data is retained for long periods of time and left publicly exposed.
https://www.pcmag.com/news/discord-70k-govt-ids-exposed-breach-hackers-posting-age-verification-selfies

Winter March 25, 2026 7:01 AM

@ResearcherZero

Social media bans target access instead of platform behavior.

But you know, what is easier: Banning all children from the internet or getting Meta to stop preying on children?

Obviously, they go for the easy road.

Clive Robinson March 26, 2026 1:04 AM

@ Bruce, and the usual suspects,

I will just leave this here,

https://www.theregister.com/2026/03/25/microsoft_nvidia_ai_nuclear/

Make of it what you will, but I think a rewording of,

“Happy days are here again! The skies above are clear again Let us sing a song of cheer again Happy days are here again!”

In a negative vein is very much in order, as the potential for dark skies of fall out just feels the way the “Run fast and break things” crowd will do it…

ResearcherZero March 26, 2026 7:56 AM

The Institute for the Study of War will no longer be publishing analysis of the Iran War on its blog. It will however post some updates via its social media feed.

Why, it has not said. It should address the why, even if it fears the results of honesty.

‘https://understandingwar.org/research/middle-east/iran-update-special-report-march-24-2026/

ResearcherZero March 27, 2026 5:31 AM

With already 50,000 soldiers in place, Trump is sending in at least another 7000 troops. Snatching Iran’s enriched uranium is amongst some of the ideas the administration has spit balled. The nuclear material could have been split up and spread across multiple hidden locations.

Successfully retrieving and handling cylinders containing uranium hexafluoride would be a very difficult operation. Even if such an operation succeeded, or the sites were further bombed to bury any enriched uranium under tons of rubble, Iran could still build new centrifuges to enrich more uranium at a later time.

When Isfahan, Natanz and Fordow were bombed the sites were heavily damaged creating risks of exposure. Some of the material might be buried under the collapsed facilities, or hidden in tunnels underground, which could be guarded and difficult to access. Iran may also have prepared traps to ambush any attempt to enter potential locations where radioactive material might be stored, increasing the range and type of risks ground forces would face.

Iran has biological weapons among its munitions and is being aided with Russian intel.

Securing the Strait of Hormuz to resume the transit of tankers is another difficult task. If the waterway is seeded with mines it would be challenging and time consuming to clear them. Protecting large and slow moving tankers presents further challenges that would place the assets guarding the ships during their transit in the path of danger as well. In the meantime, trade passing through the Gulf will still remain impacted and supply constrained.

Either way, the conflict and its consequences are going to drag on for many weeks more.

‘https://www.abc.net.au/news/2026-03-27/iranian-uranium-stockpile-us-and-israel-key-to-ending-war/106471006

The perfect drone kill-zone.

https://www.rusi.org/explore-our-research/publications/commentary/strait-hormuz-problem-what-securing-waterway-actually-requires

The United States has done little to equip its military for the age of drone warfare.
https://www.rusi.org/explore-our-research/publications/commentary/decade-long-struggle-thwart-irans-drones-carries-warnings-uk

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.