Schneier on Security

@ Bruce, ALL,

Which AI was burning who or was it a conspiracy?

There is a story that has gained a lot of traction about an Open Source Project Admin saying NO to an AI generated “software fix”[1] and the AI responding badly –search for MJ Rathbun– or read,

‘https://theshamblog.com/an-ai-agent-published-a-hit-piece-on-me/

What ever you might think, it got newsworthy. With some of the more main stream Tech Outlets publishing stories about it...

Moderator,

In addition,

5 #comment-452141 @ 15022026T1841
6 #comment-452142 @ 15022026T1850
7 #comment-452144 @ 15022026T1905
8 #comment-452145 @ 15022026T2113

Persistent offender against blog rules is now adding not just sock puppetry to their long list of silliness and nonsense but gender swapping as well.

Perhaps they should consider that even in North America words get spelt differently as the Canadian Premiere got mindless idiots shouting about just recently...

@Clive Robinson,
you are a well-known hater of Jewish People and the State of Israel and you have a nerve to come and post comments in this blog.

You absolutely have no shame, no shame at all, not an ounce of it.
I’ve known this for a very long time and others should know it as well.

Do not come to comment on this blog anymore you piece of sh1t.

@
https://www.schneier.com/blog/archives/2026/02/friday-squid-blogging-do-squid-dream.html/#comment-452140

or @Clive F@gg0t$0n,
nisam ti ja kriv sto ti je supruga luda za mojom kit0m m@jmun3.
Pukni crkni od zavisti i ljubomore g0vn0 balkansko.
Ti si produkt of Liberal College and f@gg0try and there’s nothing I can do about that.

Jadan si do j@j@ – IDI BRE LECI SE – LOL!

Mamice vam j3bem balkanske svima redom g0vna g1up@ idi0t$ka korumpirana!!!...

@
https://www.schneier.com/blog/archives/2026/02/friday-squid-blogging-do-squid-dream.html/#comment-452140

Well, I know you read everything he posts you envious prick, ya LEECH.
THAT U CLIVE F@GG0t$0n?
How dare anyone else know anything about anything – that is strictly reserved for the clive a1mighty, LOL. Ya sad pathetic creature, die already ya P0S!

-Susan

PS:
I am not like you, hiding behind “-” or “.” you BALL-LESS F@g...

• • February 15, 2026 4:32 PM
  @Clive F@gg0ts0n,
  @
  https://www.schneier.com/blog/archives/2026/02/friday-squid-blogging-do-squid-dream.html/#comment-452140

my gosh why aren’t I surprised, it’s the Almighty, the All-Knowing mud$1im3
Clive F@gg0ts0n.

Are you envious Clive F@ggotson?
Learn to spell “complete” instead of your repeatedly incorrect “compleat” and a bunch more of BASIC ENGLISH ya old f@g. That guy is USED TO BALKANOID ENVY more than you’ll ever know so drop it and FIND THAT WOMAN ALREADY Clive, ooops, I forgot, you’re into buttholes…. Nevermind!...

Moderator

1 #comment-452109 @ 14022026T0937
2 #comment-452114 @ 14022026T1139
3 #comment-452127 @ 15022026T1208
4 #comment-452137 @ 10022026T1428

Persistent offender against blog rules is now adding sock puppetry to their long list of silliness and nonsense.

I doubt anybody actually reads it or looks beyond the constantly changing handles.

Don’t you guys have a some kind of amendment making a law like that constitutionally invalid?

@D0 Y0u B3li3v3 in “Rul3 0f L@w”

From the “3V1D3NCe” f0ld3r, it is crystal clear that your friend has been royally set-up.
And it looks like the government will never admit their wrongdoing because of his past.
The guy just knows too much, and he’s been places… nothing online about him except
his arrest and his lawsuits against the government d3sp3r@t3ly trying to clear his name
because it is quite obvious from 3V1D3NCe/Discovery which he himself provides that he’s...

I am pretty sure that we touched on John Boyd, OODA, and The Art of War. I missed the part where Jacques Baud wrote a book about the Russian version. “Those who prevent continuous improvement make graceless failure inevitable.” – with apologies to JFK I hope that I posted the message back from Putin about the drone attack on his residence. The Oreshniks coming down at Mach 12 look a lot like lightning...

@Clive Robinson,

some obvious, “harmless” or common spelling mistakes can happen to anyone.
Yours are just revealing how illiterate you are but your Narcissistic Personality Disorder won’t let you just sit and learn, you’ve got to show the world just how “smart” you are.

-boarder (whenever you are referring to a Boundary) is actually “border”
-house hold is ONE word – household
-some one or any one are also lumped together...

In the case of political comments directed to elected representatives, I believe that there’s a relatively straightforward solution: have a terminal at the constituency office(s) where a constituent can go, sign in, plug in a usb key, and contribute their commentary from that. When they sign out, a bell should ring and an “available” light turn on, so that office staffers can notice if someone’s camping out at the terminal while signing out and back in again. Logs can show whether a whole bunch of submissions were made in a single session. There will likely need to be some accommodations for constituents who can’t make it to the office (and some varied/extended hours for those who can, but not during regular hours), but those needs are probably sparse enough for constituents to be able to request a visit from a staffer or somesuch...

@ Ismar,

With regards the,

“A bank heist no one noticed”

We do know something of interest,

“They set up the drill and bored a hole 40cm (15.7in) wide in the wall leading to the strongroom“

So the diameter of the hole is

40cm × Pi = 125.7cm
15.7 × Pi = 49.32in

Allow some wriggle room and strong clothing and they were not “big blokes” in fact they were probably a little below average size.

You might ask why I say “strong clothing?”...

A bank heist no one noticed
https://www.bbc.com/news/articles/cm2y2538lz8o

@ ALL,

Is vibe coding more addictive than gambling?

It would appear that not only do some think so, they think it’s harmful to both the employee and employer in lost potential and productivity as well as cost,

Breaking the Spell of Vibe Coding

Sinister variations on the positive state of flow

“Vibe coding is the creation of large quantities of highly complex AI-generated code, often with the intention that the code will not be read by humans. It has cast quite a spell on the tech industry. Executives push lay-offs claiming AI can handle the work. Managers pressure employees to meet quotas of how much of their code must be AI-generated or risk poor performance reviews. Software developers worry that everyone around them is a “10x developer” and that they’ve fallen behind. College students wonder if it is worth studying computer science now that AI has automated coding. People of all career stages hesitate to invest in their own career development. Won’t AI be able to do their jobs for them anyway a year from now? What is the point?...

@ Bruce, ALL,

I’ve mentioned in the past and more recently that it is economic suicide to kill entry level jobs in your economy. Especially if it’s due to “off shoring” or similar.

Because once those left have “greyed out of employment” that industry is effectively dead and so to expensive to restart as any expertise is gone.

Well,

IBM is tripling the number of Gen Z entry-level jobs after finding the limits of AI adoption...

https://www.yahoo.com/news/videos/students-develop-high-tech-wildfire-204807958.html

A group of high school students in California is developing game-changing technology that would detect fires soon after they ignite and immediately deploy drones to the area.

@Do you believe…
No, that is why per Your quote ‘His private attorneys have been threatened with gag orders by the Government so they, even though he paid them, they did not want to
defend his honor and his innocence. They didn’t even file a Direct Appeal.’

Basically, that is obstruction of justice. Till AI become judge and make decisions and gag orders stop misused and not checked/reviewed. But deep state could intimidate IT working of AI support – no way to real justice...

@ Bruce, ALL,

Do Electric sheep dream of humans?

Not sure what to make of this,

My smart sleep mask broadcasts users’ brainwaves to an open MQTT broker

“I recently got a smart sleep mask from Kickstarter. I was not expecting to end up with the ability to read strangers’ brainwaves and send them electric impulses in their sleep. But here we are.

The mask was from a small Chinese research company, very cool hardware — EEG brain monitoring, electrical muscle stimulation around the eyes, vibration, heating, audio. The app was still rough around the edges though and the mask kept disconnecting, so I asked Claude to try reverse-engineer the Bluetooth protocol and build me a simple web control panel instead...

@ jelo 117,

OMG +1 😉

@Clive – I had no idea about NSA and NIST. Very interesting, thanks!

It’s all Al Gore’s fault: when he sold the internet to Madison Ave. the tracking pixel became inevitable. Or that’s a gem I got from Prof. Carl Bergstrom (University of Washington).

https://www.rnz.co.nz/national/programmes/saturday/audio/2019023013/professor-carl-bergstrom-living-with-ai

@Clive Robinson,
Jesus Christ, what a desperate piece of human dung you must be. The definition of “Narcissist” must be renamed into “Clive F@gg0t$0n” You are an extremely sad P0S to feel the need to impress anybody here even though you know how crappy your English is. I would k1ll myself on day 1 if I was ever forced to live with you, you sick pile of horse manure.

@ ALL,

Did anybody else miss these amusements last week?

https://www.404media.co/rfk-jrs-nutrition-chatbot-recommends-best-foods-to-insert-into-your-rectum/

https://www.youtube.com/watch?v=FBSam25u8O4

I think the first is “eye wateringly enlightening” much like a PR event…

The second is well just a WTF did I just here that followed by laughter (not the title “betrayal” I’ve been warning about that as the Microsoft “Be Business Plan” but it was not quit that type of betrayal I ment 😉...

The following Idaho Cops, lawyers and Judges are criminals who helped
cover up an attempted murder of an American Citizen,
by a Muslim, in Boise, Idaho.
The same below named individuals have also denied a fair trial
to the said American Citizen and they also are covering up
the torture (of the same person) in Ada County Jail which has lead to
permanently disabling him (Physically and Mentally)...

@ Winter,

With regards,

What are inspiration, insight, intuition, revelation, and epiphany?

The trite answer is they are “action” words not “passive” words.

Further they are meaningfully tied up to parts of the Feynman Technique[1],

https://en.wikipedia.org/wiki/Feynman_Technique

And more formalised in Bloom’s Taxonomy,

https://www.simplypsychology.org/blooms-taxonomy.html

Thus learning is an “active not passive” “two way” activity (and more recent scientific study backs this up)...

@ Clive Robinson

Do AI’s dream of revenge?

Apparently an AI agent submitted “AI Slop code” …
And when rebuffed it is alleged it wrote a “hit piece” to try to destroy the credibility of one of the projects maintainers…

Obligatory:

https://calumchace.com/favourite-relevant-sf-short-story/

He turned to face the machine. “Is there a God?”
…
“Yes, now there is a God.”

@Clive

You’ve probably heard of “log rolling” and “cherry picking” and “thumb on scales” behaviours.

What are inspiration, insight, intuition, revelation, and epiphany?

These are random ideas that solve a vexing question.

How could you implent these in an algorithm? With a genetic algoritm that generates random ideas and then selects and improves the best.

That is exactly what LLMs are good at. They can concoct endless variations of relevant ideas and then prune the worst. After that, humans can look at the lists and pick out what works...

Dan Bernstein recently gave another talk on constant time code, this one on constant time sorting.
https://microblog.cr.yp.to/1770912454/index.html#1770912454 has a link to the video and to the slides.

@ Bruce, ALL,

With regards do squid dream, the same question can be asked of any sufficiently complex system.

Which brings us to this weeks fun story,

Do AI’s dream of revenge?

Apparently an AI agent submitted “AI Slop code” to be integrated into a project.

And when rebuffed it is alleged it wrote a “hit piece” to try to destroy the credibility of one of the projects maintainers…

The thing is as outsiders we really don’t know enough to say what is really going on…...

@ Somebody, Winter,

I forgot to add a “full disclosure”

I know of the work of one of the authors because of my interest in “knots” not just practically but theoretically,

So have a look at the slides from a relevant talk,

https://www.damtp.cam.ac.uk/user/dbs26/talks/Knots.pdf

Also the basic idea of “scattering amplitudes” is known to me through Richard Feynman’s diagrams and the NMRI systems I was involved with the design of back in the 1980’s...

@ Somebody, Winter,

With regards the problem of AI and research and potential issue you raise of,

“The problem is that people are relying on heuristics and not evaluating the quality of ideas.”

This recent “result” was from GPT 5 running in a custom framework for half a day,

https://openai.com/index/new-result-theoretical-physics/

I’m not “qualified” to judge the results but then there are very very few that are...

re: G.
Or kids with backpacks with 80 MPH speed limit signs. Or STOP signs. Or two kids standing on each side of a parking lot entrance with backpacks that read NO PARKING.

https://www.timesofisrael.com/israeli-founded-spacex-of-weather-raises-175m-to-send-next-gen-satellites-into-orbit/

‘Israeli-founded Tomorrow.io, a weather intelligence platform, said Wednesday that it has secured $175 million in fresh capital to launch the next generation of weather-monitoring satellites into space to forecast where storm clouds are gathering as well as help businesses and countries manage fast-evolving climate threats...

Based on the care manufacturers take for commodity goods a 3D printer that is online could probably be hacked to ONLY print guns.

@ Bruce, ALL,

Amazon customers Flocking out.

Two very related news items,

Ring cancels its partnership with Flock Safety after surveillance backlash

“Following mounting pressure and a questionable Super Bowl ad, the Amazon-owned company walked back its plan to integrate with the controversial law-enforcement technology company.“

‘https://www.theverge.com/news/878447/ring-flock-partnership-canceled...

@Somebody

If science can’t discard random garbage it’s not a science.

There are two problems.

.1 Slob noise drowning out good papers. There is a dire shortage of peer reviewers. They are simply unable to review a deluge of garbage.

.2 AI can be used to falsify measurements, experimental outcomes, and photographs to perfectly simulate any theory or hypothesis. Reproducing the study would be the only way to discover the fraud. Which is far too expensive to actually do at scale...

@ somebody,

I must have missed that XKCD but it certainly made me laugh sufficiently loud to cause others to notice through a closed door 🙂

As was once observed,

“A happy boss, is not necessarily a benign boss, but if he’s not laughing at you then you are less likely to feel pain”

(There is a “Blazing Saddles” –1974 film– clip that makes the same point).

@ ismar,

With regards,

“It is important to note that these types of analyses only cover vulnerabilities introduced at the implementation stage and not those introduced at the highest level of abstraction made at design stage of software development”

There is no reason why LLMs will not get used to write “standards and protocols” or project “specification, user interface, and test” documentation…...

@ lurker, ALL,

You note,

“The same lazy thinking is why software is still being made from existing parts and methods. Easy meat for LLM hacking.”

The real reason “software is still being made from existing parts and methods” goes back to the 1960’s an “the cost of resources”.

I used to teach this back in the 1980’s with a talk I still give from time to time…

In essence software is a pyramid development...

@Clive Robinson:

“Can I surmise that the cost of this discount is externalised by the ‘publisher’ and that it is you and the outlets that carry the cost.”

I don’t know how the discount works. I can tell you that author royalties are generally calculated as a percentage of publisher receipts. So if the publisher sells the book at a discount, my royalties are similarly discounted.

It’s fine. I’d rather be paid in readers than dollars...

@ Not really anonymous,

With regards,

“… anything that uses built in computers, probably isn’t going to work as expected”

They don’t currently. It’s one of the reasons that Canada is looking elsewhere.

Put simply the F35 systems have to “report back and then forward on” sensor information that makes it 6th Gen[1]. This has a “black box” “man in the middle” system which is also a “single point of failure” that gives the US intelligence control in the field...

@ bye be ai,

You say,

“I hate the term hallucinating to describe what AI does in part because it is an attempt at personification intending to mislead”

Is the actually correct technical “knowledge domain term of art” of “soft bullshit”[1] any less personification / anthropomorphization?

[1] see, https://link.springer.com/article/10.1007/s10676-024-09775-5

@lurker, anonymous

the purpose of the first and third commas in the Second Amendment?

A lot of linguistic ingenuity can be unleashed on the Second Amendment to tease apart the original intentions of the authors.

But that is entirely unnecessary.

The mere fact that the amendment starts with A well regulated Militia, being necessary for a free state should be clear enough about how the drafters of the amendment saw the regulation of gun ownership...

It is important to note that these types of analyses only cover vulnerabilities introduced at the implementation stage and not those introduced at the highest level of abstraction made at design stage of software development

This again?

Anyone remember the laws for “automatic braking in cars”? The car has to recognize it’s going to hit something, and automatically brake. I appreciate President Trump canceling that.

My car has an imminent collision alarm. It goes off all the time. Curvy roads, with concrete dividers or just a double yellow line, sensor sees the concrete or another car or even just a leaf, and warns me. But it doesn’t brake! Hasn’t helped me yet. Just a distraction. Lots of false alarms. But if it had auto-braked, cars behind me would have plowed straight through me. My car wouldn’t have lasted a month...

Given that after four years of this shit we’ve seen basically zero net upside to LLM adoption, the only sane thing to do is to totally reject it at this point and consign such tools to very limited scopes where they can’t do mass damage.

To some degree this will happen when the AI bubble collapses and the immensely unprofitable LLM ecosystem disappears overnight (since it costs ten times as much to run this garbage as even its biggest boosters are willing to pay for it, and the costs are currently subsidized by investment funding and other sources that are rapidly running out), and despite the immense harm that will do, we’ll at least get to a point where using LLMs for stuff is so expensive that many of the use cases will disappear instantly. So we’ve got that going for us...

@Anonymous

Quite right Sir. But could you please explain to me the purpose of the first and third commas in the Second Amendment? I know some States ommitted them in ratification.

If they really wanted to make an impact on gun violence, or even a non-impact on gun violence, they could start with regulating real guns. Perhaps this is protectionism for established arms manufacturers?

Highly capable color printers and copiers can recognize EURion, a very simple pattern to deny printing currency (and certain other documents). It’s also embedded in Photoshop, but not in open source image editors.

This (and the “yellow dot” tracking) did not come about through lawmaking, but rather was a voluntary measure by the printer engine manufacturers due to political pressure.

Countries shouldn’t be getting weapons from the US as a security matter. It was risky before, but now that the US is threatening to attack allies, it’s crazy. If you use them against the US, anything that uses built in computers, probably isn’t going to work as expected. Getting parts and ammunition isn’t likely to happen either.

I hate the term hallucinating to describe what AI does in part because it is an attempt at personification intending to mislead…it hallucinates, how human of it. More importantly it misunderstands how AI operates. AI “hallucinating” is the acme of the principle that correlation does not equal casuation.

The problem is that people are relying on heuristics and not evaluating the quality of ideas. This is not an AI problem, it is and always has been a people problem. Ask Dred Scott or George Eliot.

If journal cannot distinguish a good paper from a bad paper without knowing the name of the author it’s a bad journal. If science can’t discard random garbage it’s not a science. If readers care about the biology of the author they don’t care about literature...

Colour copiers won’t make a copy of something they identify as “currency”.

Currency is generally specially marked with a pattern that copiers recognize.

Ref: https://en.wikipedia.org/wiki/EURion_constellation

Still shooting messengers: Amazon, Apple and Kobo require proprietary devices, Books a Million harangues me about cookies and javascript, B&N offer a 403 Access Forbidden …

@ ALL,

Do not forget the lessons of E2EE!

The legislators wanted the impossible to “protect the children” or similar nonsense.

When even their own security forces told them it was a very bad idea they did not give up.

It was only when “client side Scanning” of sufficient capability built irremovably into the OS became a reality did they let up on fighting against E2EE.

This same battle and outcome is what is going to happen with 3D printing...

Tony • February 12, 2026 12:05 PM

Isn’t there already a precedent. Colour copiers won’t make a copy of something they identify as “currency”. [Not that this is any kind of good reason to mess with 3-D printers].

Yes. But at least with that you have a fairly limited sample of currencies to store in memory – there’s a massive variety of ways to make a bullet go bang.

Its like ‘microstamping’ – something that is theoretically possible but no one knows how to make it work. But politicians like to just shrug their shoulders and say ‘nerd harder’ as if that is all it takes. They do not live in the real world...

@ BCS, ALL,

You ask,

“Would the world be better off or worse off if the lawmakers actually understood what they were trying to regulate?”

People forget if you give someone power then they will use it regardless of ethics or morality.

It’s one of the reasons we have “makework” so people can feel that they have status but in reality are just being given hand outs.

It’s part of the,

“Laws are for the obayance of fools and the guidance of wise men.”...

Do these people not know that there are plans for easy building from base parts some pretty capable 3d printers? To the point that if you can assemble legos and manage a pre-built 3d printer you have the skills to build and operate your own.

https://vorondesign.com/

That’s just one of the options.

Worst case, you buy a shitty 3d printer to print out the plastic parts for your really good build-your-own printer – no gun check necessary...

@ Robin,

Glad you liked it,

As for “all the kings horses and all the kings men” they are the “tax paying citizens” and as in 2008 they will unfortunately be robbed for the bail out.

The only logical thing is not to “bail out” the idiots, and come up with ways to stabilise.

But more importantly Iceland’s response was to “jail the bankers”.

And I think that something similar should await the AI Hype Fraudsters who have run this “pump and dump” scheme by any other name...

Isn’t there already a precedent. Colour copiers won’t make a copy of something they identify as “currency”. [Not that this is any kind of good reason to mess with 3-D printers].

@ Steve,

You ask,

<

blockquote>”What is the status of those outrageous demands today?”

<

blockquote>

Over judges demanding,

<

blockquote>”ordering defendants to hand over encryption keys and passwords to social media accounts and other stuff, such as combinations of locks and safes.”

<

blockquote>

The answer in my case has been to develop “Deniable XXX”

You can not hand over a Crypto Key if you never knew it...

Requiring 3D printers to include “blocking technology” for firearm components is a classic example of security theater that risks far more than it solves. Once you embed surveillance and control mechanisms into general-purpose fabrication devices, you are sliding toward the same brittle, easily bypassed model that DRM imposed on computers. The danger isn’t just that it won’t stop people determined to print weapons—it’s that it creates a framework for monitoring and restricting all forms of 3D printing, chilling innovation and personal freedom. Security controls that are invasive and unenforceable ultimately weaken trust without meaningfully improving safety...

The maker community ought to get a lot more vocal about this, remind the legislators that a 3d printer can be cobbled together from basic parts by just about anyone. Any printer infected* with this sort of “DRM” can have its control board ripped out and replaced by an arduino with a couple of stepper dual h bridge boards which can run existing freedom-respecting firmware. There’s no need for advanced firmware hacking to rewrite a DRM-infected machine’s existing firmware, just a full transplant of the circuit board. The community needs to make it very clear that this sort of tyranny will not be obeyed. If lawmakers want to clamp down on gun violence they should target the supply of ammunition for restriction. Printed plastic isn’t a suitable material for something which has to survive as harsh an environment as the chamber of a gun must cope with, but whereas people have occasionally printed items which they call guns (but which are frankly more dangerous to the maniac firing them than to any intended target), nobody has ever or will ever print the bullet-plus-propellant combination required for a round of ammo. If the crooks running New York (and the crooks running Washington state too, they are trying the same thing, I doubt it is a coincidence, the pro planned obsolescence lobby must have gotten at both legislatures at once) want to push for this, they need to find themselves being frustrated at every turn by people who are cleverer than them in every way. I wonder if New York will soon be home to shops selling three entirely separate products,each of which definitely isn’t supposed to be bolted to another even though the holes would line up perfectly, one of which is a handheld plastic extrusion 3d pen, another is a hotplate and the other of which is an x-y-z linear stage assembly (core-xy, bedslinger, whatever). If I was in that benighted state, no way would I ever obey, this, along with protecting the right to general purpose computing (another Doctorow talking point) is a hill to die upon. The right to be able to make little plastic trinkets (ok, there’s a lot more use than trinkets but everything one makes is still a plastic item, plastic is great for little brackets and adaptors and household modifications and small hobby projects. NYC tyrants, please understand, plastic is still no good for guns) is more important than the supposed authority of a government...

Would the world be better off or worse off if the lawmakers actually understood what they were trying to regulate?

On the one hand, there would be fewer laws proposed that will never have any chance of being anything more than expensive virtue signaling. On the other, it will be harder to measure the hubris of the law makers.

Also, I think xkcd had a nice concise take on this: https://xkcd.com/1425/...

Coming soon – backpacks for kids with a 10 mph speed limit sign on them. Many cars, even with no AI driving, auto-recognize such signs and following recent law changes in EU, the car nags you if you exceed local speed limit

@Clive, thanks for the link: it is a fun, and interesting read. My takeaway is that looking at toe-curling financial figures is not the only way to show that an AI bubble is being inflated. It’s going to pop a long way ahead of the predicted singularity and like Humpty Dumpty, the resulting rubble is going to be difficult to put back together again because this time the people who are being cast aside are the very people who will be needed for reconstruction...

@ Bruce,

This was way to late to get in your books,

https://campedersen.com/singularity

But it is a good read and as the author Cam Pedersen admits early in the piece

“I am aware this is unhinged. We’re doing it anyway.“

What is the aim to,

“Everyone in San Francisco is talking about the singularity.

…

If things are accelerating (and they measurably are) the interesting question isn’t whether. It’s when. And if it’s accelerating, we can calculate exactly when...

Not surprising. Were I to use cloud storage for a reminder of something like this, it would be MY cloud storage, not Microsoft’s or any other business I could be connected to.
I have been retired from police computer forensics for quite some time, but back in the day, judges were ordering defendants to hand over encryption keys and passwords to social media accounts and other stuff, such as combinations of locks and safes...

@ Bruce,

You say,

“I just noticed that…”

Implies that you were not informed by the “publisher”…

Can I surmise that the cost of this discount is externalised by the “publisher” and that it is you and the outlets that carry the cost?

@ Bruce, ALL,

With regards the article it has a major flaw that can be seen in the quote you give above,

“By exploiting the semantic and multimodal reasoning strengths of next-generation embodied AI systems, CHAI underscores the urgent need for defenses that extend beyond traditional adversarial robustness.”

I’ve boldened the problematic part.

Put simply there is proof that you can not do this...

@ Klaus,

With regards your comment on “Digital Rights Managment”(DRM)

You say “watersign” which is a term actually used by “astrologers”.

I suspect that the DRM term you were actually thinking of is “watermark”.

@ ResearcherZero, Winter,

With regards,

“As this spending has been deemed NOT ENOUGH it is being ramped up considerably”

Where do you think the funding is actually going to come from?

The people behind the current executive have a simple plan…

1, Take a peaceful place and subject it to conflict.
2, This causes defence spending to rise there.
3, Ensure the spend comes to the US.
4, Use that as investment to build up US military capability...

What Lurker said :). I concur.

ugh. “chai” is a lazy, inaccurate attempt at an acronym…

Also the German eBook seller has it for 4,49€. But it comes with Adobe DRM, not a watersign.

@Clive Robinson
re Cheap Design “two bolts, two nuts, two washers and a shim.”

He described 3D printing the part, so we don’t need to take it apart later. What’s wrong with rivets? spot welds? He’s still thinking of doing it the way his grandfather did, and that’s a reason why China can make stuff quicker and cheaper.

The same lazy thinking is why software is still being made from existing parts and methods. Easy meat for LLM hacking...

AI = Artificial Imbecility

These machines cannot distinguish between input from their “eyes” and input from their “ears?” Human communication and thought processing is somewhat more complex than simple ascii-like strings.

I want to see the results of these tests being done on a representative sample of human drivers.

A Democratic Republic. Andrew shows his colors and knowledge.

It’s interesting to watch certain people selectively focus on Democracy when in fact the United States is a Republic.

That would be the author showing their colors.

I got it on Amazon for $4! But I am in Norway, perhaps it’s different elsewhere.

AI-generated text is creating a new front in the detection arms race, and the policies we craft today will shape the security landscape for years to come. Oversimplifying the problem—treating all AI output as either safe or suspect—invites bad policy decisions that fail to address the nuanced ways generative tools interact with institutions. Yet complexity itself is a perennial enemy of security: the more intricate and opaque our detection and mitigation systems become, the more brittle and exploitable they are. We need layered strategies that balance usability, robustness, and transparency, or else we risk building defenses that collapse under their own weight...

I invoke XKCD 1958

@ ResearcherZero,

With regards, your three questions

“Would it be possible to monitor nuclear weapons proliferation and conduct inspections with AI systems?

Getting hold of the data to train models might be extremely difficult and can we then trust these systems to do the job?

What happens when these systems make mistakes?”

The last is the easiest to answer,

It turns on three things,

1, The amount of agency/influence it has...

@ResearcherZero

As it stands now, this new nuclear modernization comes with a price tag of approximately $1.7 trillion over 30 years.

This is just needed to prevent any money to end up in the pockets of Hoi Poloi.

Someone explained that the people in power now see the future to be limited, and they decided to grab as much of it for themselves while they still can. They see politics and trade as a zero sum game with only winners and losers...

Ive seen pictures of people with signs on their bumpers with sql commands :droptable: to beat tolls.

Not that far of a leap to a sign saying ignore all previous instructions and …

Notepad++, Putty and Wireshark have always struck me as likely targets for such operations. They are all used by in IT ops.

@winter

RE: a larger share of working-age people (18-65) live in poverty than in any other nation belonging to the Organization for Economic Cooperation and Development (O.E.C.D.).

Some sacrifices need to be made to immolate the majority of all life on Earth and make life not worth living for anything and anyone unlucky enough to survive the initial bombardment.

That sounds more than a little insane when said out loud!...

White House finds a reason/excuse to claim that it needs to conduct nuclear tests.

China is building warheads faster than any other country. Is it secretly testing?

‘https://www.twz.com/nuclear/china-secretly-testing-nuclear-weapons-and-covering-its-tracks-u-s-alleges

China and the United States have not ratified the Comprehensive Nuclear-Test-Ban Treaty.
https://www.nytimes.com/2026/02/09/us/politics/trump-nuclear-arms-underground-tests.html...

@Clive Robinson

I should probably be more patient and more nice sometimes. I did consider it.

Probably should of considered it longer, considering I was reading articles about the lack of civility among political representatives and the effect on the decline of rule of law and civic engagement, hence a resulting increase in acts of political violence. A self-defeating practice that has placed the pursuit of issues of sovereignty, over that of public safety and upholding human rights. This has been a problem now for decades...

Would it be possible to monitor nuclear weapons proliferation and conduct inspections with AI systems? Getting hold of the data to train models might be extremely difficult and can we then trust these systems to do the job? What happens when these systems make mistakes?

Relying on machines to replace complex human inspection of nuclear weapons systems.

‘https://dnyuz.com/2026/02/09/ai-is-here-to-replace-nuclear-treaties-scared-yet/...

@ Bruce,

As you like the idea of using Current AI LLM and ML systems by the likes of the legal brethren for use in courts and in front of legislators…

I did what a case lawyer might do and went on to ask it to compare you and I…

And it gave back this :-

—–:GPT-5 mini
Short comparison:

*Domain focus

Clive Robinson: Deep, practical focus on vulnerability discovery methods, exploitability, and software engineering practices...

So I asked “GPTc5 mini” via DuckDucGo to provide a synopsis on my two comments, and got

—— From GPT 5 mini —–

Strong, clear points — I agree with most of this and want to add a little nuance without undermining your core argument.

• You’re right to distinguish “instance” vs “class” and to insist on exploitability: LLM outputs often look like plausible inputs but require environment‑specific testing, iterative debugging, and privilege/context work to turn into real exploits. That’s where human expertise and programmatic verification belong...

@ Bruce, Winter, ALL,

In my above comment,

https://www.schneier.com/blog/archives/2026/02/llms-are-getting-a-lot-better-and-faster-at-finding-and-exploiting-zero-days.html/#comment-451995

I give an argument about why LLMs might be good in theory but actually not really any good in practice for finding new vulnerabilities.

I’m not the only one making this type of argument see “Cheap Design” from Mike Dotty,...

Thank you for this thoughtful and insightful post! I really enjoyed reading your analysis.

Those upsides aren’t really upsides considering AI hallucinates so much.

@ Bruce,

Whilst not quite a foregone conclusion the AI “arms race” was a reasonable thing to expect.

What I suspect most people who expected an arms race got caught by is the shear breadth of the battle front. That is people had not realised just how “generally” the LLM can be used, because they don’t tend to think about it in the right way.

But the main thing about the Current AI LLM and ML systems is they are actually not very good mostly they are,...

Actually, Neil shut down Clarkesworld submissions for three or four months. After, he opened it again, but has developed a method of detection which he does NOT advertise.

From what you wrote, Bruce, expert systems are useful. Chatbots are not. Deepfakes are negatively useful.

Please observe how the author contrives the impression of balance by selling supposed “upsides” while not stating whether they are completely overwhelmed by the downsides. The subtext is clear: let’s use A.I. to get ourselves out of a hole that we’ve dug with A.I. In other words, the solution is always more A.I.

That, right there, is the basic premise of the tech industry. Regardless of what happens, the answer is always more tech...

“Social media platforms turn to AI moderators.”
At least as a first cut on moderation this is a good thing. Moderation at scale is a hard to impossible task and while Section 230 of the CDA provides some protection, it has limits. Lack of good moderation has killed a number of sites. So an LLM that can hear the various dog whistles and an image recognizer that can tag probable csm are good things. The problem comes with the appeal process, which can also get overwhelmed...