What scientists thought were squid fossils were actually arrow worms. This article has been indexed from Schneier on Security Read the original article: Friday Squid Blogging: A Case of Squid Fossil Misidentification
Category: Schneier on Security
Spying on People Through Airportr Luggage Delivery Service
Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it’s used by wealthy or important people. So if the company’s website is insecure, you’d be able…
Cheating on Quantum Computing Benchmarks
Peter Gutmann and Stephan Neuhaus have a new paper—I think it’s new, even though it has a March 2025 date—that makes the argument that we shouldn’t trust any of the quantum factorization benchmarks, because everyone has been cooking the books:…
Measuring the Attack/Defense Balance
“Who’s winning on the internet, the attackers or the defenders?” I’m asked this all the time, and I can only ever give a qualitative hand-wavy answer. But Jason Healey and Tarang Jain’s latest Lawfare piece has amassed data. The essay…
Aeroflot Hacked
Looks serious. This article has been indexed from Schneier on Security Read the original article: Aeroflot Hacked
That Time Tom Lehrer Pranked the NSA
Bluesky thread. Here’s the paper, from 1957. Note reference 3. This article has been indexed from Schneier on Security Read the original article: That Time Tom Lehrer Pranked the NSA
Microsoft SharePoint Zero-Day
Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to…
Subliminal Learning in AIs
Today’s freaky LLM behavior: We study subliminal learning, a surprising phenomenon where language models learn traits from model-generated data that is semantically unrelated to those traits. For example, a “student” model learns to prefer owls when trained on sequences of…
How Solid Protocol Restores Digital Agency
The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. These entities collect,…
Google Sues the Badbox Botnet Operators
It will be interesting to watch what will come of this private lawsuit: Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source…