home.social

#schneier — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #schneier, aggregated by home.social.

  1. Bruce Schneier's April 13 rebuttal to Project Glasswing rests on one fact. Security firm Aisle reproduced Anthropic's Mythos Preview findings on older, cheaper, public models. Anthropic had tied the capability to 100 million in credits and 4 million in donations as a frontier-only claim. One lab on a normal budget matched the demo. Access-restricted claims last about as long as one competent team rerunning them on last year's weights.

    #AI #InfoSec #Schneier #FOSS

  2. “They’re convincing a lot of people that Mythos is this amazing step change in capability when the evidence right now… is that it might not be.” #Schneier #Mythos #PR youtube.com/watch?v=PsKV...

    Claude Mythos is mostly ‘marke...

  3. Sind wir bereit, von Künstlicher Intelligenz regiert zu werden? - #Schneier auf Sicherheit

    schneier.com/blog/archives/202…

    #Artificial Intelligence (AI) overlords are a common trope in science-fiction dystopias, but the reality looks much more prosaic. The technologies of artificial intelligence are already pervading many aspects of democratic government, affecting our lives in ways both large and small. This has occurred largely without our notice or consent. The result is a government incrementally transformed by AI rather than the singular technological overlord of the big screen. Let us begin with the executive branch. One of the most important functions of this branch of government is to administer the law, including the human services on which so many Americans rely. Many of these programs have long been operated by a mix of humans and machines, even if not previously using modern AI tools such as ...

    😑

  4. #PromptInjection Through Poetry - #Schneier on Security

    schneier.com/blog/archives/202…

    In a new paper, “Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models,” researchers found that turning #LLM prompts into poetry resulted in jailbreaking the models: Abstract: We present evidence that adversarial poetry functions as a universal single-turn jailbreak technique for Large Language Models (LLMs). Across 25 frontier proprietary and open-weight models, curated poetic prompts yielded high attack-success rates (ASR), with some providers exceeding 90%. Mapping prompts to MLCommons and EU CoP risk taxonomies shows that poetic attacks transfer across CBRN, manipulation, cyber-offence, and loss-of-control domains. Converting 1,200 ML-Commons harmful prompts into verse via a standardized meta-prompt produced ASRs up to 18 times higher than their prose baselines. Outputs are evaluated using an ensemble of 3 open-weight LLM judges, whose binary safety assessments were validated on a stratified human-labeled subset. Poetic framing achieved an average jailbreak success rate of 62% for hand-crafted poems and approximately 43% for meta-prompt conversions (compared to non-poetic baselines), substantially outperforming non-poetic baselines and revealing a systematic vulnerability across model families and safety training approaches. These findings demonstrate that stylistic variation alone can circumvent contemporary safety mechanisms, suggesting fundamental limitations in current alignment methods and evaluation protocols...


    😁

  5. We went to a talk at Hennepin Community College and saw a lecture by Bruce #Schneier. Bruce’s ability to frame complex problems is one of those qualities that you often find in the brightest luminaries. He gave a great talk on #cybersecurity and #AI, and took loads of time for questions.

    Fun fact: Bruce used to live in #Minneapolis and wrote restaurant reviews for the Star Tribune.

  6. #Schneier tries to rip the rose-colored #AI glasses from the eyes of #Congress
    #DOGE moves fast and breaks things, and now our data is at risk, #security guru warns in hearing
    "The other speakers mostly talked about how cool AI was – and sometimes about how cool their own company was – but I was asked by the Democrats to specifically talk about DOGE and the risks of exfiltrating our data from government agencies and feeding it into AIs," #BruceSchneier explained
    theregister.com/2025/06/06/sch

  7. Unabhängig, wie wir zu einnehmenden KI-Persönlichkeiten stehen: Es ist ein Irrglaube, wenn wir kommerzielle KI-Systemen Freundschaft und Vertrauen zuschreiben. Weil das Vertrauen, das Firmen und ihre Agenten – egal, ob Vertreter, Influencer oder KI – zu Kunden aufbauen möchten, ganz anderer Natur ist als zwischenmenschliches Vertrauen.

    Bruce #Schneier hat #Vertrauen analysiert und die verschiedenen Arten sortiert.

    Und wir für #DNIP zusammengefasst.
    dnip.ch/2023/12/11/marcel-pend

  8. 10 years on after Data and Goliath warned of data collection • The Register

    'In 50 years, I think we'll view these business practices like we view sweatshops today'
    #privacy #security #interview #schneier

    theregister.com/2025/02/15/int

  9. Bruce #Schneier:
    Foreign adversaries typically spend years attempting to penetrate government systems such as these.
    But the most alarming aspect isn’t just the access being granted. It’s the systematic dismantling of security measures that would detect and prevent misuse.
    It’s as if someone found a way to rob Fort Knox by simply declaring that the new official policy is to fire all the guards and allow unescorted visits to the vault. (1/X)
    foreignpolicy.com/2025/02/11/d

  10. Lieber "bullshit detector" anstelle von "#KI Zauber": #Cybersecurity Guru Bruce #Schneier findet in einem lesenswerten Interview klare Worte zum Stand der unternehmerischen #Cybersicherheit und ihren tatsächlichen Bedürfnissen:
    "In an interview, security guru Bruce Schneier proposes a radical solution: Top-tier managers should have to go to prison if they fail to protect their company networks against hacker attacks."
    nzz.ch/english/expert-bruce-sc

  11. @tortoc Ich nutze #PwSafe schon seit sehr vielen Jahren.
    Der wurde ursprünglich vom Crypto Papst Bruce #Schneier entwickelt.
    pwsafe.org/

    Läuft unter #Windows und #Linux. Es gibt auch einen #Android Port und ich meine auch einen für #iOS

  12. «AI Industry is Trying to Subvert the Definition of “Open Source AI”»

    > The Open Source Initiative has published (news article here) its definition of “open source AI,” *and it’s terrible*.

    #Schneier stoping on the #OSAID. I guess there is still some hope...

    schneier.com/blog/archives/202

    #OSI

  13. Essays: #NSA #Surveillance: a Guide to Staying #Secure - #Schneier on #Security

    The #NSA has huge capabilities – and if it wants in to your computer, it's in. With that in mind, here are five ways to stay safe
    #privacy

    schneier.com/essays/archives/2

  14. From 1999 | “how can I become a cryptographer?” | Schneier on Security

    I wonder what this would look like nowadays? Quote:

    The short answer to “how can I become a cryptographer” is: “Get a PhD in cryptography.” This is not the only way to become a cryptographer, but it is by far the easiest.

    https://www.schneier.com/crypto-gram/archives/1999/1015.html#SoYouWanttobeaCryptographer

    https://alecmuffett.com/article/109933

    #cryptography #schneier

  15. Insightful essay from Bruce #Schneier and Barath Raghavan - using James C. Scott's "Seeing like a State" and showing how abstraction of socio-technical systems now lets us "See like a Data Structure".

    Worth a read for anyone into #STS, #data and #sociology.

    Where it left me wanting was solutions - how do we stop seeing like a data structure, and embrace nuance, complexity, richness and diversity?

    It reminds me very much of the work "Re-wilding the internet" by Maria Farrell and Robin Berjon.

    schneier.com/blog/archives/202

  16. @RandomDamage @SynAck weaksauce, i thought you had some real insights and good opsec - unfortunately it is all compromised on some level or another and some of it is justified for natl security reasons but big tech plays as much of a role if not more than govt - the incentives for surveillance capitalism are too great #krebs #Schneier

  17. Why it is hard to build secure #LLM|s like #ChatGPT. (Where "secure" means that you can have it parse your emails or the incoming resumés by applicants or …)
    #BruceSchneier #Schneier
    schneier.com/blog/archives/202

  18. Esteemed cryptographer and cybersecurity authority, Bruce Schneier, casts a spotlight on this transformation, envisaging a not-so-distant future where AI’s capabilities are harnessed to sift through vast quantities of data, unveiling insights that were previously attainable only with extensive human effort.

    #securityland #ai #cryptography #surveillance #artificalintelligence #schneier #podcast #privacy #cybersecurity #technology #security

    security.land/bruce-schneier-f

  19. Bruce #Schneier befasst sich als (IT-)Sicherheitsexperte schon lange mit dem Thema #Vertrauen. Vor wenigen Tagen erschien sein Essay, ob und wie das mit #KI zusammenpasse:

    1️⃣ Vertrauen gibt es in zwei Formen: #Zwischenmenschlich (zwischen Freunden) und #gesellschaftlich (gegenüber Fremden und Organisationen)
    2️⃣ Diese zwei funktionieren so unterschiedlich, dass sie immer klar zu trennen sind.

    #BruceSchneier #AI #KünstlicheIntelligenz 1/n
    dnip.ch/2023/12/11/marcel-pend

  20. Bruce #Schneier befasst sich als (IT-)Sicherheitsexperte schon lange mit dem Thema #Vertrauen. Vor wenigen Tagen erschien sein Essay, ob und wie das mit #KI zusammenpasse:

    1️⃣ Vertrauen gibt es in zwei Formen: #Zwischenmenschlich (zwischen Freunden) und #gesellschaftlich (gegenüber Fremden und Organisationen)
    2️⃣ Diese zwei funktionieren so unterschiedlich, dass sie immer klar zu trennen sind.

    #BruceSchneier #AI #KünstlicheIntelligenz 1/n
    dnip.ch/2023/12/11/marcel-pend

  21. Bruce #Schneier befasst sich als (IT-)Sicherheitsexperte schon lange mit dem Thema #Vertrauen. Vor wenigen Tagen erschien sein Essay, ob und wie das mit #KI zusammenpasse:

    1️⃣ Vertrauen gibt es in zwei Formen: #Zwischenmenschlich (zwischen Freunden) und #gesellschaftlich (gegenüber Fremden und Organisationen)
    2️⃣ Diese zwei funktionieren so unterschiedlich, dass sie immer klar zu trennen sind.

    #BruceSchneier #AI #KünstlicheIntelligenz 1/n
    dnip.ch/2023/12/11/marcel-pend

  22. Bruce #Schneier befasst sich als (IT-)Sicherheitsexperte schon lange mit dem Thema #Vertrauen. Vor wenigen Tagen erschien sein Essay, ob und wie das mit #KI zusammenpasse:

    1️⃣ Vertrauen gibt es in zwei Formen: #Zwischenmenschlich (zwischen Freunden) und #gesellschaftlich (gegenüber Fremden und Organisationen)
    2️⃣ Diese zwei funktionieren so unterschiedlich, dass sie immer klar zu trennen sind.

    #BruceSchneier #AI #KünstlicheIntelligenz 1/n
    dnip.ch/2023/12/11/marcel-pend

  23. Bruce #Schneier befasst sich als (IT-)Sicherheitsexperte schon lange mit dem Thema #Vertrauen. Vor wenigen Tagen erschien sein Essay, ob und wie das mit #KI zusammenpasse:

    1️⃣ Vertrauen gibt es in zwei Formen: #Zwischenmenschlich (zwischen Freunden) und #gesellschaftlich (gegenüber Fremden und Organisationen)
    2️⃣ Diese zwei funktionieren so unterschiedlich, dass sie immer klar zu trennen sind.

    #BruceSchneier #AI #KünstlicheIntelligenz 1/n
    dnip.ch/2023/12/11/marcel-pend

  24. #Microsoft Signing Key Stolen by #Chinese - #Schneier on #Security

    Actually, two things went badly wrong here. The first is that #Azure accepted an expired signing key, implying a #vulnerability in whatever is supposed to check key validity. The second is that this key was supposed to remain in the the system’s #HardwareSecurityModule —and not be in software
    #privacy #China #signingkey

    schneier.com/blog/archives/202

  25. Inrupt, Tim Berners-Lee's Solid, and Me

    Interesting article by Bruce Schneier. Basically, he's come out as a member of #Inrupt

    "It's also a little surreal working on a project conceived and spearheaded by Tim Berners-Lee. But at this point, I feel that I should only work on things that matter to society. So here I am."

    schneier.com/blog/archives/202

    Worth noting the #safenetwork is also being made compatible with Solid.

    #solid #privacy #schneier #decentralized