<h2>Recovering Smartphone Voice from the Accelerometer</h2>

<a href="https://www.schneier.com/blog/archives/2022/12/recovering-smartphone-voice-from-the-accelerometer.html"><strong>[2022.12.30]</strong></a> Yet another smartphone side-channel attack: “<a href="https://arxiv.org/pdf/2212.12151.pdf">EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers</a>“: <blockquote><strong>Abstract:</strong> Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy. Existing studies show that loudspeaker reverberation can inject speech into motion sensor readings, leading to speech eavesdropping. While more devastating attacks on ear speakers, which produce much smaller scale vibrations, were believed impossible to eavesdrop with zero-permission motion sensors. In this work, we revisit this important line of reach. We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. We investigate the impacts of these new ear speakers on built-in motion sensors and examine the potential to elicit private speech information from the minute vibrations. Our designed system <em>EarSpy</em> can successfully detect word regions, time, and frequency domain features and generate a spectrogram for each word region. We train and test the extracted data using classical machine learning algorithms and convolutional neural networks. We found up to 98.66% accuracy in gender detection, 92.6% detection in speaker detection, and 56.42% detection in digit detection (which is 5X more significant than the random selection (10%)). Our result unveils the potential threat of eavesdropping on phone conversations from ear speakers using motion sensors.</blockquote> It’s not great, but it’s an impressive start.


<h2>Breaking RSA with a Quantum Computer</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/breaking-rsa-with-a-quantum-computer.html"><strong>[2023.01.03]</strong></a> A group of Chinese researchers have <a href="https://arxiv.org/pdf/2212.12372.pdf">just published</a> a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong. We have long known from Shor’s algorithm that factoring with a quantum computer is easy. But it takes a big quantum computer, on the orders of millions of qbits, to factor anything resembling the key sizes we use today. What the researchers have done is combine classical lattice reduction factoring techniques with a quantum approximate optimization algorithm. This means that they only need a quantum computer with 372 qbits, which is well within what’s possible today. (The <a href="https://newsroom.ibm.com/2022-11-09-IBM-Unveils-400-Qubit-Plus-Quantum-Processor-and-Next-Generation-IBM-Quantum-System-Two">IBM Osprey</a> is a 433-qbit quantum computer, for example. Others are on their way as well.) The Chinese group didn’t have that large a quantum computer to work with. They were able to factor 48-bit numbers using a 10-qbit quantum computer. And while there are always potential problems when scaling something like this up by a factor of 50, there are no obvious barriers. Honestly, most of the paper is over my head—both the lattice-reduction math and the quantum physics. And there’s the nagging question of why the Chinese government didn’t classify this research. But…wow…maybe…and yikes! Or not. <blockquote>“<a href="https://arxiv.org/pdf/2212.12372.pdf">Factoring integers with sublinear resources on a superconducting quantum processor</a>” <b>Abstract:</b> Shor’s algorithm has seriously challenged information security based on public key cryptosystems. However, to break the widely used RSA-2048 scheme, one needs millions of physical qubits, which is far beyond current technical capabilities. Here, we report a universal quantum algorithm for integer factorization by combining the classical lattice reduction with a quantum approximate optimization algorithm (QAOA). The number of qubits required is O(logN/loglogN ), which is sublinear in the bit length of the integer N , making it the most qubit-saving factorization algorithm to date. We demonstrate the algorithm experimentally by factoring integers up to 48 bits with 10 superconducting qubits, the largest integer factored on a quantum device. We estimate that a quantum circuit with 372 physical qubits and a depth of thousands is necessary to challenge RSA-2048 using our algorithm. Our study shows great promise in expediting the application of current noisy quantum computers, and paves the way to factor large integers of realistic cryptographic significance.</blockquote> In email, <a href="https://www.amazon.com/Cryptography-Apocalypse-Preparing-Quantum-Computing/dp/1119618193">Roger Grimes</a> told me: “Apparently what happened is another guy who had previously announced he was able to break traditional asymmetric encryption using classical computers…but reviewers found a flaw in his algorithm and that guy had to retract his paper. But this Chinese team realized that the step that killed the whole thing could be solved by small quantum computers. So they tested and it worked.” EDITED TO ADD: One of the issues with the algorithm is that it relies on a <a href="https://eprint.iacr.org/2021/933">recent factoring paper</a> by Claus Schnorr. It’s a controversial paper; and despite the “this destroys the RSA cryptosystem” claim in the abstract, it does nothing of the sort. Schnorr’s algorithm works well with smaller moduli—around the same order as ones the Chinese group has tested—but falls apart at larger sizes. At this point, nobody understands why. The Chinese paper claims that their quantum techniques get around this limitation (I think that’s what’s behind Grimes’s comment) but don’t give any details—and they haven’t tested it with larger moduli. So if it’s true that the Chinese paper depends on this Schnorr technique that doesn’t scale, the techniques in this Chinese paper won’t scale, either. (On the other hand, if it does scale then I think it also breaks a bunch of lattice-based public-key cryptosystems.) I am <i>much</i> less worried that this technique will work now. But this is something the IBM quantum computing people can test right now. EDITED TO ADD (1/4): A reporter just asked me my gut feel about this. I replied that I don’t think this will break RSA. Several times a year the cryptography community received “breakthroughs” from people outside the community. That’s why we created the RSA Factoring Challenge: to force people to provide proofs of their claims. In general, the smart bet is on the new techniques not working. But someday, that bet will be wrong. Is it today? Probably not. But it could be. We’re in the worst possible position right now: we don’t have the facts to know. Someone needs to implement the quantum algorithm and see. EDITED TO ADD (1/5): Scott Aaronson’s <a href="https://scottaaronson.blog/?p=6957">take</a> is a “no”: <blockquote>In the new paper, the authors spend page after page saying-without-saying that it <i>might</i> soon become possible to break RSA-2048, using a NISQ (i.e., non-fault-tolerant) quantum computer. They do so via two time-tested strategems: <ol> <li>the detailed exploration of irrelevancies (mostly, optimization of the number of qubits, while ignoring the number of gates), and</li> <li>complete silence about the one crucial point.</li> </ol> Then, finally, they come clean about the one crucial point in a single sentence of the Conclusion section: <blockquote>It should be pointed out that the quantum speedup of the algorithm is unclear due to the ambiguous convergence of QAOA.</blockquote> “Unclear” is an understatement here. It seems to me that a miracle would be required for the approach here to yield any benefit at all, compared to just running the classical Schnorr’s algorithm on your laptop. And if the latter were able to break RSA, it would’ve already done so. All told, this is one of the most actively misleading quantum computing papers I’ve seen in 25 years, and I’ve seen … many.</blockquote> EDITED TO ADD (1/7): More <a href="https://www.linkedin.com/feed/update/urn:li:activity:7016808281847336960/">commentary</a>. Again: no need to panic. EDITED TO ADD (1/12): Peter Shor has <a href="https://twitter.com/PeterShor1/status/1607864880324804608">suspicions</a>.


<h2>Decarbonizing Cryptocurrencies through Taxation</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/decarbonizing-cryptocurrencies-through-taxation.html"><strong>[2023.01.04]</strong></a> Maintaining bitcoin and other cryptocurrencies <a href="https://www.whitehouse.gov/wp-content/uploads/2022/09/09-2022-Crypto-Assets-and-Climate-Report.pdf">causes</a> about 0.3 percent of global CO<sub>2</sub> emissions. That may not sound like a lot, but it’s more than the emissions of Switzerland, Croatia, and Norway <i>combined</i>. As many cryptocurrencies crash and the FTX bankruptcy moves into the litigation stage, regulators are likely to scrutinize the cryptocurrency world more than ever before. This presents a perfect opportunity to curb their environmental damage. The good news is that cryptocurrencies don’t have to be carbon intensive. In fact, some have near-zero emissions. To encourage polluting currencies to reduce their carbon footprint, we need to force buyers to pay for their environmental harms through taxes. The difference in emissions among cryptocurrencies comes down to how they create new coins. Bitcoin and other high emitters use a system called “<a href="https://www.coinbase.com/learn/crypto-basics/what-is-proof-of-work-or-proof-of-stake">proof of work</a>“: to generate coins, participants, or “miners,” have to solve math problems that demand extraordinary computing power. This allows currencies to maintain their decentralized ledger—the blockchain—but requires enormous amounts of energy. Greener alternatives exist. Most notably, the “proof of stake” system enables participants to maintain their blockchain by depositing cryptocurrency holdings in a pool. When the second-largest cryptocurrency, Ethereum, <a href="https://www.nytimes.com/2022/09/15/technology/ethereum-merge-crypto.html">switched from proof of work to proof of stake</a> earlier this year, its energy consumption dropped by more than 99.9% overnight. Bitcoin and other cryptocurrencies probably won’t follow suit unless forced to, because proof of work offers massive profits to miners—and they’re the ones with power in the system. Multiple legislative levers could be used to entice them to change. The most blunt solution is to ban cryptocurrency mining altogether. <a href="https://www.nytimes.com/2022/02/25/climate/bitcoin-china-energy-pollution.html">China did this in 2018</a>, but it only made the problem worse; mining moved to other countries with even less efficient energy generation, and emissions went up. The only way for a mining ban to meaningfully reduce carbon emissions is to enact it across most of the globe. Achieving that level of international consensus is, to say the least, unlikely. A second solution is to prohibit the buying and selling of proof-of-work currencies. The European Parliament’s Committee on Economic and Monetary Affairs considered making such a proposal, but <a href="https://www.coindesk.com/policy/2022/03/14/proposal-limiting-proof-of-work-is-rejected-in-eu-parliament-committee-vote-sources/">voted against it in March</a>. This is understandable; as with a mining ban, it would be both viewed as paternalistic and difficult to implement politically. Employing a tax instead of an outright ban would largely skirt these issues. As with taxes on gasoline, tobacco, plastics, and alcohol, a cryptocurrency tax could reduce real-world harm by making consumers pay for it. Most ways of taxing cryptocurrencies would be inefficient, because they’re easy to circumvent and hard to enforce. To avoid these pitfalls, the tax should be levied as a fixed percentage of each proof-of-work-cryptocurrency purchase. Cryptocurrency exchanges should collect the tax, just as merchants collect sales taxes from customers before passing the sum on to governments. To make it harder to evade, the tax should apply regardless of how the proof-of-work currency is being exchanged—whether for a fiat currency or another cryptocurrency. Most important, any state that implements the tax should target all purchases by citizens in its jurisdiction, even if they buy through exchanges with no legal presence in the country. This sort of tax would be transparent and easy to enforce. Because most people buy cryptocurrencies from one of only a few large exchanges—such as Binance, Coinbase, and Kraken—auditing them should be cheap enough that it pays for itself. If an exchange fails to comply, it should be banned. Even a small tax on proof-of-work currencies would reduce their damage to the planet. Imagine that you’re new to cryptocurrency and want to become a first-time investor. You’re presented with a range of currencies to choose from: bitcoin, ether, litecoin, monero, and others. You notice that all of them except ether add an environmental tax to your purchase price. Which one do you buy? Countries don’t need to coordinate across borders for a proof-of-work tax on their own citizens to be effective. But early adopters should still consider ways to encourage others to come on board. This has precedent. The European Union is trying to influence global policy with its <a href="https://climatetrade.com/everything-you-need-to-know-about-the-eu-carbon-border-adjustment-mechanism/">carbon border adjustments</a>, which are designed to discourage people from buying carbon-intensive products abroad in order to skirt taxes. Similar rules for a proof-of-work tax could persuade other countries to adopt one. Of course, some people will try to evade the tax, just as people evade every other tax. For example, people might buy tax-free coins on centralized exchanges and then swap them for polluting coins on decentralized exchanges. To some extent, this is inevitable; no tax is perfect. But the effort and technical know-how needed to evade a proof-of-work tax will be a major deterrent. Even if only a few countries implement this tax—and even if some people evade it—the desirability of bitcoin will fall globally, and the environmental benefit will be significant. A high enough tax could also cause a self-reinforcing cycle that will drive down these cryptocurrencies’ prices. Because the value of many cryptocurrencies rely largely on speculation, they are dependent on future buyers. When speculators are deterred by the tax, the lack of demand will cause the price of bitcoin to fall, which could prompt more current holders to sell—further lowering prices and accelerating the effect. Declining prices will pressure the bitcoin community to abandon proof of work altogether. Taxing proof-of-work exchanges might hurt them in the short run, but it would not hinder blockchain innovation. Instead, it would redirect innovation toward greener cryptocurrencies. This is no different than how government incentives for electric vehicles encourage carmakers to improve green alternatives to the internal combustion engine. These incentives don’t restrict innovation in automobiles—they promote it. Taxing environmentally harmful cryptocurrencies can gain support across the political spectrum, from people with varied interests. It would benefit blockchain innovators and cryptocurrency researchers by shifting focus from environmental harm to beneficial uses of the technology. It has the potential to make our planet significantly greener. It would increase government revenues. Even bitcoin maximalists have reason to embrace the proposal: it would offer the bitcoin community a chance to prove it can survive and grow sustainably. This essay was written with Christos Porios, and <a href="https://www.theatlantic.com/ideas/archive/2022/12/cryptocurrency-mining-environmental-impact-solution/672360/">previously appeared</a> in the <i>Atlantic</i>.


<h2>Remote Vulnerabilities in Automobiles</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/remote-vulnerabilities-in-automobiles.html"><strong>[2023.01.06]</strong></a> This group has found <a href="https://samcurry.net/web-hackers-vs-the-auto-industry/">a ton</a> of remote vulnerabilities in all sorts of automobiles. It’s enough to make you want to buy a car that is <i>not</i> Internet-connected. Unfortunately, that seems to be impossible.


<h2><i>Schneier on Security</i> Audiobook Sale</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/schneier-on-security-audiobook-sale.html"><strong>[2023.01.06]</strong></a> I’m not sure why, but Audiobooks.com is <a href="https://www.audiobooks.com/promotions/promotedBook/444353/schneier-on-security?refId=52755">offering</a> the audiobook version of <i>Schneier on Security</i> at 50% off until January 17. <a href="https://www.audiobooks.com/promotions/promotedBook/444353/schneier-on-security?refId=52755"><img decoding="async" loading="lazy" src="https://www.schneier.com/wp-content/uploads/2023/01/SoS-audiobook.jpg" alt="" width="344" height="344" class="alignnone size-full wp-image-66472" srcset="https://www.schneier.com/wp-content/uploads/2023/01/SoS-audiobook.jpg 344w, https://www.schneier.com/wp-content/uploads/2023/01/SoS-audiobook-300x300.jpg 300w, https://www.schneier.com/wp-content/uploads/2023/01/SoS-audiobook-150x150.jpg 150w, https://www.schneier.com/wp-content/uploads/2023/01/SoS-audiobook-100x100.jpg 100w" sizes="(max-width: 344px) 100vw, 344px" /></a> EDITED TO ADD: The audiobook of <i>We Have Root</i> is 50% off until January 27 if you use <a href="https://www.audiobooks.com/promotions/promotedBook/399148/we-have-root-even-more-advice-from-schneier-on-security?refId=55158">this link</a>.


<h2>Identifying People Using Cell Phone Location Data</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/identifying-people-using-cell-phone-location-data.html"><strong>[2023.01.09]</strong></a> The two people who shut down four Washington power stations in December <a href="https://www.cnn.com/2023/01/03/politics/washington-power-substation-attacks/index.html">were arrested</a>. This is the interesting part: <blockquote>Investigators identified Greenwood and Crahan almost immediately after the attacks took place by using cell phone data that allegedly showed both men in the vicinity of all four substations, according to court documents.</blockquote> Nowadays, it seems like an obvious thing to do—although the search is probably <a href="https://www.webpronews.com/judges-rules-blanket-cellphone-location-tracking-is-unconstitutional/">unconstitutional</a>. But way back in 2012, the Canadian CSEC—that’s their NSA—did some top-secret work on this kind of thing. The document is part of the Snowden archive, and I <a href="https://www.schneier.com/blog/archives/2014/02/csec_surveillan.html">wrote</a> about it: <blockquote>The second application suggested is to identify a particular person whom you know visited a particular geographical area on a series of dates/times. The example in the presentation is a kidnapper. He is based in a rural area, so he can’t risk making his ransom calls from that area. Instead, he drives to an urban area to make those calls. He either uses a burner phone or a pay phone, so he can’t be identified that way. But if you assume that he has some sort of smart phone in his pocket that identifies itself over the Internet, you might be able to find him in that dataset. That is, he might be the only ID that appears in that geographical location around the same time as the ransom calls and at no other times.</blockquote> There’s a whole lot of surveillance you can do if you can follow everyone, everywhere, all the time. I don’t even think turning your cell phone off would help in this instance. How many people in the Washington area turned their phones off during exactly the times of the Washington power station attacks? Probably a small enough number to investigate them all.


<h2>ChatGPT-Written Malware</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/chatgpt-written-malware.html"><strong>[2023.01.10]</strong></a> I don’t know how much of a thing this will end up being, but we <a href="https://arstechnica.com/information-technology/2023/01/chatgpt-is-enabling-script-kiddies-to-write-functional-malware/">are seeing</a> ChatGPT-written malware in the wild. <blockquote>…within a few weeks of ChatGPT going live, participants in cybercrime forums—­some with little or no coding experience­—were using it to write software and emails that could be used for espionage, ransomware, malicious spam, and other malicious tasks. “It’s still too early to decide whether or not ChatGPT capabilities will become the new favorite tool for participants in the Dark Web,” company researchers wrote. “However, the cybercriminal community has already shown significant interest and are jumping into this latest trend to generate malicious code.” Last month, one forum participant posted what they claimed was the first script they had written and credited the AI chatbot with providing a “nice [helping] hand to finish the script with a nice scope.” The Python code combined various cryptographic functions, including code signing, encryption, and decryption. One part of the script generated a key using elliptic curve cryptography and the curve ed25519 for signing files. Another part used a hard-coded password to encrypt system files using the Blowfish and Twofish algorithms. A third used RSA keys and digital signatures, message signing, and the blake2 hash function to compare various files.</blockquote> Check Point Research <a href="https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/">report</a>. ChatGPT-generated code <a href="https://www.techtarget.com/searchsoftwarequality/news/252528379/ChatGPT-writes-code-but-wont-replace-developers">isn’t that good</a>, but it’s a start. And the technology will only get better. Where it matters here is that it gives less skilled hackers—script kiddies—new capabilities.


<h2>Experian Privacy Vulnerability</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/experian-privacy-vulnerability.html"><strong>[2023.01.12]</strong></a> Brian Krebs is <a href="https://krebsonsecurity.com/2023/01/identity-thieves-bypassed-experian-security-to-view-credit-reports/">reporting</a> on a vulnerability in Experian’s website: <blockquote>Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number.</blockquote>


<h2>Threats of Machine-Generated Text</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/threats-of-machine-generated-text.html"><strong>[2023.01.13]</strong></a> With the release of ChatGPT, I’ve read many random articles about this or that threat from the technology. This <a href="https://arxiv.org/pdf/2210.07321.pdf">paper</a> is a good survey of the field: what the threats are, how we might detect machine-generated text, directions for future research. It’s a solid grounding amongst all of the hype. <blockquote>Machine Generated Text: A Comprehensive Survey of Threat Models and Detection Methods <b>Abstract:</b> Advances in natural language generation (NLG) have resulted in machine generated text that is increasingly difficult to distinguish from human authored text. Powerful open-source models are freely available, and user-friendly tools democratizing access to generative models are proliferating. The great potential of state-of-the-art NLG systems is tempered by the multitude of avenues for abuse. Detection of machine generated text is a key countermeasure for reducing abuse of NLG models, with significant technical challenges and numerous open problems. We provide a survey that includes both 1) an extensive analysis of threat models posed by contemporary NLG systems, and 2) the most complete review of machine generated text detection methods to date. This survey places machine generated text within its cybersecurity and social context, and provides strong guidance for future work addressing the most critical threat models, and ensuring detection systems themselves demonstrate trustworthiness through fairness, robustness, and accountability.</blockquote>


<h2><i>Booklist</i> Review of <i>A Hacker's Mind</i></h2>

<a href="https://www.schneier.com/blog/archives/2023/01/booklist-review-of-a-hackers-mind.html"><strong>[2023.01.14]</strong></a> <i>Booklist</i> <a href="https://www.booklistonline.com/A-Hacker-s-Mind-How-the-Powerful-Bend-Society-s-Rules-and-How-to-Bend-them-Back-/pid=9771457">reviews</a> <i>A Hacker’s Mind</i>: <blockquote>Author and public-interest security technologist Schneier (<em>Data and Goliath</em>, 2015) defines a “hack” as an activity allowed by a system “that subverts the rules or norms of the system […] at the expense of someone else affected by the system.” In accessing the security of a particular system, technologists such as Schneier look at how it might fail. In order to counter a hack, it becomes necessary to think like a hacker. Schneier lays out the ramifications of a variety of hacks, contrasting the hacking of the tax code to benefit the wealthy with hacks in realms such as sports that can innovate and change a game for the better. The key to dealing with hacks is being proactive and providing adequate patches to fix any vulnerabilities. Schneier’s fascinating work illustrates how susceptible many systems are to being hacked and how lives can be altered by these subversions. Schneier’s deep dive into this cross-section of technology and humanity makes for investigative gold.</blockquote> The book will be published on February 7. <a href="https://www.schneier.com/books/a-hackers-mind/">Here’s</a> the book’s webpage. You can pre-order a signed copy from me <a href="https://www.schneier.com/product/a-hackers-mind-hardcover/">here</a>.


<h2>Upcoming Speaking Engagements</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/upcoming-speaking-engagements-26.html"><strong>[2023.01.14]</strong></a> This is a current list of where and when I am scheduled to speak: <ul> <li>I’m speaking at <a href="https://capricon.org/">Capricon</a>, a four-day science fiction convention in Chicago. My talk is on “The Coming AI Hackers” and will be held Friday, February 3 at 1:00 PM.</li> </ul> The list is maintained on <a href="https://www.schneier.com/events/">this page</a>.


<h2>Hacked Cellebrite and MSAB Software Released</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/hacked-cellebrite-and-msab-software-released.html"><strong>[2023.01.16]</strong></a> <a href="https://cellebrite.com/en/home/">Cellebrite</a> is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. <a href="https://www.msab.com/">MSAB</a> is a Swedish company that does the same thing. <a href="https://ddosecrets.substack.com/p/cellebrite-msab-phone-forensics-leak">Someone</a> <a href="https://boards.4chan.org/pol/thread/412110904">has</a> <a href="https://archive.ph/OEI3g">released</a> software and documentation from both companies.


<h2>The FBI Identified a Tor User</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/the-fbi-identified-a-tor-user.html"><strong>[2023.01.17]</strong></a> <a href="https://www.vice.com/en/article/z34dx3/fbi-wont-say-hacked-dark-web-isis-site-nit">No details</a>, though: <blockquote>According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts “unofficial propaganda and photographs related to ISIS” multiple times on May 14, 2019. In virtue of being a dark web site—­that is, one hosted on the Tor anonymity network—­it should have been difficult for the site owner’s or a third party to determine the real IP address of any of the site’s visitors. Yet, that’s exactly what the FBI did. It found Al-Azhari allegedly visited the site from an IP address associated with Al-Azhari’s grandmother’s house in Riverside, California. The FBI also found what specific pages Al-Azhari visited, including a section on donating Bitcoin; another focused on military operations conducted by ISIS fighters in Iraq, Syria, and Nigeria; and another page that provided links to material from ISIS’s media arm. Without the FBI deploying some form of surveillance technique, or Al-Azhari using another method to visit the site which exposed their IP address, this should not have been possible.</blockquote> There are lots of ways to de-anonymize Tor users. Someone at the NSA gave a <a href="https://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document">presentation</a> on this ten years ago. (I <a href="https://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity">wrote about it</a> for the <i>Guardian</i> in 2013, an essay that reads so dated in light of what we’ve learned since then.) It’s unlikely that the FBI uses the same sorts of broad surveillance techniques that the NSA does, but it’s certainly possible that the NSA did the surveillance and passed the information to the FBI.


<h2>AI and Political Lobbying</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/ai-and-political-lobbying.html"><strong>[2023.01.18]</strong></a> Launched just weeks ago, ChatGPT is already threatening to upend how we draft everyday communications like <a href="https://www.streak.com/post/how-to-use-ai-to-write-perfect-cold-emails">emails</a>, <a href="https://www.theatlantic.com/technology/archive/2022/12/chatgpt-ai-writing-college-student-essays/672371/">college essays</a> and myriad <a href="https://javascript.plainenglish.io/13-best-examples-of-chatgpt-on-the-internet-so-far-316876466d1c">other forms</a> of writing. Created by the company OpenAI, ChatGPT is a chatbot that can automatically respond to written prompts in a manner that is sometimes eerily close to human. But for all the consternation over the potential for humans to be replaced by machines in formats like poetry and sitcom scripts, a far greater threat looms: artificial intelligence replacing humans in the democratic processes—not through voting, but through lobbying. ChatGPT could <a href="https://www.washingtonpost.com/business/chatgpt-could-makedemocracy-even-more-messy/2022/12/06/e613edf8-756a-11ed-a199-927b334b939f_story.html">automatically compose</a> comments submitted in regulatory processes. It could write letters to the editor for publication in local newspapers. It could comment on news articles, blog entries and social media posts millions of times every day. It could mimic the work that the Russian Internet Research Agency did in its attempt to influence our 2016 elections, but without the agency’s reported <a href="https://www.businessinsider.com/russian-troll-farm-spent-millions-on-election-interference-2018-2">multimillion-dollar budget</a> and <a href="https://www.justice.gov/file/1035477/download">hundreds of employees.</a> Automatically generated comments aren’t a new problem. For some time, we have struggled with bots, machines that automatically post content. Five years ago, at least a million automatically drafted comments were <a href="https://www.wired.com/story/bots-broke-fcc-public-comment-system/">believed to have been submitted</a> to the Federal Communications Commission regarding proposed regulations on net neutrality. In 2019, a Harvard undergraduate, as a test, used a text-generation program to <a href="https://techscience.org/a/2019121801/">submit</a> 1,001 comments in response to a government request for public input on a Medicaid issue. Back then, submitting comments was just a game of overwhelming numbers. Platforms have gotten better at removing “coordinated inauthentic behavior.” Facebook, for example, has been <a href="https://about.fb.com/news/2022/05/community-standards-enforcement-report-q1-2022/">removing</a> over a billion fake accounts a year. But such messages are just the beginning. Rather than flooding legislators’ inboxes with supportive emails, or dominating the Capitol switchboard with synthetic voice calls, an AI system with the sophistication of ChatGPT but trained on relevant data could selectively target key legislators and influencers to identify the weakest points in the policymaking system and ruthlessly exploit them through direct communication, public relations campaigns, horse trading or other points of leverage. When we humans do these things, we call it lobbying. Successful agents in this sphere pair precision message writing with smart targeting strategies. Right now, the only thing stopping a ChatGPT-equipped lobbyist from executing something resembling a rhetorical drone warfare campaign is a lack of precision targeting. AI could provide techniques for that as well. A system that can understand political networks, if paired with the textual-generation capabilities of ChatGPT, could identify the member of Congress with the most leverage over a particular policy area—say, corporate taxation or military spending. Like human lobbyists, such a system could target undecided representatives sitting on committees controlling the policy of interest and then focus resources on members of the majority party when a bill moves toward a floor vote. Once individuals and strategies are identified, an AI chatbot like ChatGPT could craft written messages to be used in letters, comments—anywhere text is useful. Human lobbyists could also target those individuals directly. It’s the combination that’s important: Editorial and social media comments only get you so far, and knowing which legislators to target isn’t itself enough. This ability to understand and target actors within a network would create a tool for <a href="https://www.schneier.com/academic/archives/2021/04/the-coming-ai-hackers.html">AI hacking</a>, exploiting vulnerabilities in social, economic and political systems with incredible speed and scope. Legislative systems would be a particular target, because the motive for attacking policymaking systems is so strong, because the data for training such systems is so widely available and because the use of AI may be so hard to detect—particularly if it is being used strategically to guide human actors. The data necessary to train such strategic targeting systems will only grow with time. Open societies generally make their democratic processes a matter of public record, and most legislators are eager—at least, performatively so—to accept and respond to messages that appear to be from their constituents. Maybe an AI system could uncover which members of Congress have significant sway over leadership but still have low enough public profiles that there is only modest competition for their attention. It could then pinpoint the SuperPAC or public interest group with the greatest impact on that legislator’s public positions. Perhaps it could even calibrate the size of donation needed to influence that organization or direct targeted online advertisements carrying a strategic message to its members. For each policy end, the right audience; and for each audience, the right message at the right time. What makes the threat of AI-powered lobbyists greater than the threat already posed by the high-priced lobbying firms on K Street is their potential for acceleration. Human lobbyists rely on decades of experience to find strategic solutions to achieve a policy outcome. That expertise is limited, and therefore expensive. AI could, theoretically, do the same thing much more quickly and cheaply. Speed out of the gate is a huge advantage in an ecosystem in which public opinion and media narratives can become entrenched quickly, as is being nimble enough to shift rapidly in response to chaotic world events. Moreover, the flexibility of AI could help achieve influence across many policies and jurisdictions simultaneously. Imagine an AI-assisted lobbying firm that can attempt to place legislation in every single bill moving in the US Congress, or even across all state legislatures. Lobbying firms tend to work within one state only, because there are such complex variations in law, procedure and political structure. With AI assistance in navigating these variations, it may become easier to exert power across political boundaries. Just as teachers will have to change how they give students exams and essay assignments in light of ChatGPT, governments will have to change how they relate to lobbyists. To be sure, there may also be benefits to this technology in the democracy space; the biggest one is accessibility. Not everyone can afford an experienced lobbyist, but a software interface to an AI system could be made available to anyone. If we’re lucky, maybe this kind of strategy-generating AI could revitalize the democratization of democracy by giving this kind of lobbying power to the powerless. However, the biggest and most powerful institutions will likely use any AI lobbying techniques most successfully. After all, executing the best lobbying strategy still requires insiders—people who can walk the halls of the legislature—and money. Lobbying isn’t just about giving the right message to the right person at the right time; it’s also about giving money to the right person at the right time. And while an AI chatbot can identify who should be on the receiving end of those campaign contributions, humans will, for the foreseeable future, need to supply the cash. So while it’s impossible to predict what a future filled with AI lobbyists will look like, it will probably make the already influential and powerful even more so. This essay was written with Nathan Sanders, and <a href="https://www.nytimes.com/2023/01/15/opinion/ai-chatgpt-lobbying-democracy.html">previously appeared</a> in the <i>New York Times</i>. Edited to Add: After writing this, we discovered that a research group is <a href="https://law.stanford.edu/2023/01/06/large-language-models-as-lobbyists/">researching</a> AI and lobbying: <blockquote>We used autoregressive large language models (LLMs, the same type of model behind the now wildly popular <https://chat.openai.com/chat>ChatGPT) to systematically conduct the following steps. (The full code is available at this GitHub link: <https://github.com/JohnNay/llm-lobbyist>https://github.com/JohnNay/llm-lobbyist.) <ol><li>Summarize official U.S. Congressional bill summaries that are too long to fit into the context window of the LLM so the LLM can conduct steps 2 and 3. <li>Using either the original official bill summary (if it was not too long), or the summarized version: <ol><li>Assess whether the bill may be relevant to a company based on a company’s description in its SEC 10K filing. <li>Provide an explanation for why the bill is relevant or not. <li>Provide a confidence level to the overall answer.</ol> <li>If the bill is deemed relevant to the company by the LLM, draft a letter to the sponsor of the bill arguing for changes to the proposed legislation.</ol></blockquote> <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4316615">Here</a> is the paper.


<h2>Security Analysis of Threema</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/security-analysis-of-threema.html"><strong>[2023.01.19]</strong></a> A group of Swiss researchers <a href="https://breakingthe3ma.app/files/Threema-PST22.pdf">have published</a> an impressive security analysis of Threema. <blockquote>We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. As one example, we present a cross-protocol attack which breaks authentication in Threema and which exploits the lack of proper key separation between different sub-protocols. As another, we demonstrate a compression-based side-channel attack that recovers users’ long-term private keys through observation of the size of Threema encrypted back-ups. We discuss remediations for our attacks and draw three wider lessons for developers of secure protocols.</blockquote> From a <a href="https://arstechnica.com/information-technology/2023/01/messenger-billed-as-better-than-signal-is-riddled-with-vulnerabilities/">news article</a>: <blockquote>Threema has more than 10 million users, which include the Swiss government, the Swiss army, German Chancellor Olaf Scholz, and other politicians in that country. Threema developers advertise it as a more secure alternative to Meta’s WhatsApp messenger. It’s among the top Android apps for a fee-based category in Switzerland, Germany, Austria, Canada, and Australia. The app uses a custom-designed encryption protocol in contravention of established cryptographic norms.</blockquote> The company is performing the usual denials and deflections: <blockquote>In a <a href="https://threema.ch/en/blog/posts/news-alleged-weaknesses-statement">web post</a>, Threema officials said the vulnerabilities applied to an old protocol that’s no longer in use. It also said the researchers were overselling their findings. “While some of the findings presented in the paper may be interesting from a theoretical standpoint, none of them ever had any considerable real-world impact,” the post stated. “Most assume extensive and unrealistic prerequisites that would have far greater consequences than the respective finding itself.” Left out of the statement is that the protocol the researchers analyzed is old because they disclosed the vulnerabilities to Threema, and Threema updated it.</blockquote>


<h2>Real-World Steganography</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/real-world-steganography.html"><strong>[2023.01.20]</strong></a> From an <a href="https://www.bbc.com/news/world-asia-china-64206950">article</a> about Zheng Xiaoqing, an American convicted of spying for China: <blockquote>According to a Department of Justice (DOJ) indictment, the US citizen hid confidential files stolen from his employers in the binary code of a digital photograph of a sunset, which Mr Zheng then mailed to himself.</blockquote>


<h2><i>Publisher's Weekly</i> Review of <i>A Hacker's Mind</i></h2>

<a href="https://www.schneier.com/blog/archives/2023/01/publishers-weekly-review-of-a-hackers-mind.html"><strong>[2023.01.21]</strong></a> <i>Publisher’s Weekly</i> <a href="https://www.publishersweekly.com/9780393866667"> reviewed</a> <i>A Hacker’s Mind</i>—and it’s a starred review! <blockquote>“Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier (<i>Click Here to Kill Everybody</i>) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing weaknesses in cybersecurity to examine how those with power take advantage of financial, legal, political, and cognitive systems. He decries how venture capitalists “hack” market dynamics by subverting the pressures of supply and demand, noting that venture capital has kept Uber afloat despite the company having not yet turned a profit. Legal loopholes constitute another form of hacking, Schneier suggests, discussing how the inability of tribal courts to try non-Native individuals means that many sexual assaults of Native American women go unprosecuted because they were committed by non-Native American men. Schneier outlines strategies used by corporations to capitalize on neural processes and “hack… our attention circuits,” pointing out how Facebook’s algorithms boost content that outrages users because doing so increases engagement. Elegantly probing the mechanics of exploitation, Schneier makes a persuasive case that “we need society’s rules and laws to be as patchable as your computer.” With lessons that extend far beyond the tech world, this has much to offer.</blockquote> The book will be published on February 7. <a href="https://www.schneier.com/books/a-hackers-mind/">Here’s</a> the book’s webpage. You can pre-order a signed copy from me <a href="https://www.schneier.com/product/a-hackers-mind-hardcover/">here</a>.


<h2>No-Fly List Exposed</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/no-fly-list-exposed.html"><strong>[2023.01.23]</strong></a> I can’t remember the last time I thought about the US no-fly list: the list of people so dangerous they should never be allowed to fly on an airplane, yet so innocent that we can’t arrest them. Back when I thought about it a lot, I realized that the TSA’s practice of giving it to every airline meant that it was not well protected, and it certainly ended up in the hands of every major government that wanted it. The list is back in the news today, having been <a href="https://www.dailydot.com/debug/no-fly-list-us-tsa-unprotected-server-commuteair/">left exposed</a> on an insecure airline computer. (The airline is CommuteAir, a company so obscure that I’ve never heard of it before.) This is, of course, the problem with having to give a copy of your secret list to lots of people.


<h2>Bulk Surveillance of Money Transfers</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/bulk-surveillance-of-money-transfers.html"><strong>[2023.01.24]</strong></a> Just another obscure <a href="https://www.engadget.com/us-money-transfer-mass-surveillance-trac-183552282.html">warrantless surveillance program</a>. <blockquote>US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. A database stored at a nonprofit, the Transaction Record Analysis Center (TRAC), provides full names and amounts for larger transfers (above $500) sent between the US, Mexico and 22 other regions through services like Western Union, MoneyGram and Viamericas. The program covers data for numerous Caribbean and Latin American countries in addition to Canada, China, France, Malaysia, Spain, Thailand, Ukraine and the US Virgin Islands. Some domestic transfers also enter the data set. […] You need to be a member of law enforcement with an active government email account to use the database, which is available through a publicly visible web portal. Leber told <i>The Journal</i> that there haven’t been any known breaches or instances of law enforcement misuse. However, Wyden noted that the surveillance program included more states and countries than previously mentioned in briefings. There have also been subpoenas for bulk money transfer data from Homeland Security Investigations (which withdrew its request after Wyden’s inquiry), the DEA and the FBI. </blockquote> How is it that Arizona can be in charge of this? <i>Wall Street Journal</i> <a href="https://www.wsj.com/podcasts/whats-news/inside-the-surveillance-program-on-money-transfers/f52df319-7ad9-4ee7-b878-d4fe1db6a203">podcast</a>—with transcript—on the program. I think the <a href="https://epic.org/sen-wyden-reveals-secret-dhs-program-to-collecting-millions-of-money-transfer-records/">original reporting</a> was from <a href="https://www.wsj.com/articles/secret-surveillance-program-collects-americans-money-transfer-data-senator-says-11646737201">last March</a>, but I missed it back then.


<h2>US Cyber Command Operations During the 2022 Midterm Elections</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/us-cyber-command-operations-during-the-2022-midterm-elections.html"><strong>[2023.01.25]</strong></a> The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, <a href="https://www.washingtonpost.com/national-security/2022/12/22/cybercom-russia-iran-attacks/">broadly discussed</a> that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: <blockquote>We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. “We understood how foreign adversaries utilize infrastructure throughout the world. We had that mapped pretty well. And we wanted to make sure that we took it down at key times.” Nakasone noted that Cybercom’s national mission force, aided by NSA, followed a “campaign plan” to deprive the hackers of their tools and networks. “Rest assured,” he said. “We were doing operations well before the midterms began, and we were doing operations likely on the day of the midterms.” And they continued until the elections were certified, he said.</blockquote> We know Cybercom did similar things in 2018 and 2020, and presumably will again in two years.


<h2>On Alec Baldwin's Shooting</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/on-alec-baldwins-shooting.html"><strong>[2023.01.26]</strong></a> We recently learned that Alec Baldwin is being <a href="https://www.nytimes.com/2023/01/19/arts/rust-shooting-charges-alec-baldwin.html">charged</a> with involuntary manslaughter for his accidental shooting on a movie set. I don’t know the details of the case, nor the intricacies of the law, but I have a question about movie props. Why was an actual gun used on the set? And why were actual bullets used on the set? Why wasn’t it a fake gun: plastic, or metal without a working barrel? Why does it have to fire blanks? Why can’t everyone just pretend, and let someone add the bang and the muzzle flash in post-production? Movies are filled with fakery. The <a href="https://movies.stackexchange.com/questions/97448/how-did-the-original-lightsaber-prop-work ">light sabers</a> in Star Wars weren’t real; the lighting effects and “wooj-wooj” noises were add afterwards. The <a href="https://www.thetrekcollective.com/2021/07/original-tos-phaser-and-other-trek.html">phasers</a> in Star Trek weren’t real either. Jar Jar Binks was 100% computer generated. So were a gazillion “props” from the Harry Potter movies. Even regular, non-SF non-magical movies have special effects. They’re easy. Why are guns different?


<h2>A Guide to Phishing Attacks</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/a-guide-to-phishing-attacks.html"><strong>[2023.01.27]</strong></a> This is a <a href="https://tidbits.com/2023/01/16/an-annotated-field-guide-to-identifying-phish/">good list</a> of modern phishing techniques.


<h2>Kevin Mitnick Hacked California Law in 1983</h2>

<a href="https://www.schneier.com/blog/archives/2023/01/kevin-mitnick-hacked-california-law-in-1983.html"><strong>[2023.01.27]</strong></a> Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my <a href="https://www.schneier.com/books/a-hackers-mind/">new book</a>, which he partially recounts his 2012 book, <a href="https://www.mitnicksecurity.com/ghost-in-the-wires"><i>Ghost in the Wires</i></a>. The setup is that he just discovered that there’s warrant for his arrest by the California Youth Authority, and he’s trying to figure out if there’s any way out of it. <blockquote>As soon as I was settled, I looked in the Yellow Pages for the nearest law school, and spent the next few days and evenings there poring over the Welfare and Institutions Code, but without much hope. Still, hey, “Where there’s a will…” I found a provision that said that for a nonviolent crime, the jurisdiction of the Juvenile Court expired either when the defendant turned twenty-one or two years after the commitment date, whichever occurred later. For me, that would mean two years from February 1983, when I had been sentenced to the three years and eight months. Scratch, scratch. A little arithmetic told me that this would occur in about four months. I thought, <i>What if I just disappear until their jurisdiction ends?</i></blockquote> This was the Southwestern Law School in Los Angeles. This was a lot of manual research—no search engines in those days. He researched the relevant statutes, and case law that interpreted those statutes. He made copies of everything to hand to his attorney. <blockquote>I called my attorney to try out the idea on him. His response sounded testy: “You’re absolutely wrong. It’s a fundamental principle of law that if a defendant disappears when there’s a warrant out for him, the time limit is tolled until he’s found, even if it’s years later.” And he added, “You have to stop playing lawyer. <i>I’m</i> the lawyer. Let me do my job.” I pleaded with him to look into it, which annoyed him, but he finally agreed. When I called back two days later, he had talked to my Parole Officer, Melvin Boyer, the compassionate guy who had gotten me transferred out of the dangerous jungle at LA County Jail. Boyer had told him, “Kevin is right. If he disappears until February 1985, there’ll be nothing we can do. At that point the warrant will expire, and he’ll be off the hook.”</blockquote> So he moved to Northern California and lived under an assumed name for four months. What’s interesting to me is how he approaches legal code in the same way a hacker approaches computer code: pouring over the details, looking for a bug—a mistake—leading to an exploitable vulnerability. And this was in the days before you could do any research online. He’s spending days in the law school library. This is exactly the sort of thing I am writing about in <a href="https://www.schneier.com/books/a-hackers-mind/"><i>A Hacker’s Mind</i></a>. Legal code isn’t the same as computer code, but it’s a series of rules with inputs and outputs. And just like computer code, legal code has bugs. And some of those bugs are also vulnerabilities. And some of those vulnerabilities can be exploited—just as Mitnick learned. Mitnick was a hacker. His attorney was not.