Bruce Schneier – WindowsTechs.com

The FCC Wants to Eliminate Burner Phones

Posted on June 15, 2026 by Bruce Schneier

A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person.

The FCC plans to do this by legally forcing the country’s telecoms to store a wealth of personal information about essentially all phone customers, including a government issued identification number and their physical address, alarming privacy advocates and civil rights activists who compare the measures to those from authoritarian countries where it can be difficult to buy a mobile phone plan without giving up your identity.

The proposed change would drastically shake up how people obtain phone plans in the U.S., and have all sorts of privacy and cybersecurity knock-on effects. The FCC is proposing the data collection partly as a way to combat scammers, with telecoms being required to collect other information on business and foreign customers like the intended use case of their bulk phone plan purchase and their IP address. But the changes would mean telecoms collect data on all new and renewing customers, and the FCC provides a long list of other things that the collected data could help authorities with…

Continue reading The FCC Wants to Eliminate Burner Phones→

Friday Squid Blogging: Squid-Inspired Fluid Pump

Posted on June 12, 2026 by Bruce Schneier

This fluid pump was inspired by the way squids propel themselves through the water.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Blog moderation policy.
Continue reading Friday Squid Blogging: Squid-Inspired Fluid Pump→

Friday Squid Blogging: Squid-Inspired Fluid Pump

Posted on June 12, 2026 by Bruce Schneier

Bernie Sanders’ AI Sovereign Wealth Fund Plan

Posted on June 12, 2026 by Bruce Schneier

Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful of billionaires who have promoted and developed AI, with virtually no democratic input, who stand to become even richer and more powerful than they are today?”

We agree entirely that this is one of the most potent questions facing global democracy today. Our book, Rewiring Democracy, surveys the emerging uses for and impacts of AI in democracy around the world and reaches the same conclusion: that the most urgent risk posed by AI is the …

Continue reading Bernie Sanders’ AI Sovereign Wealth Fund Plan→

Bernie Sanders’ AI Sovereign Wealth Fund Plan

Posted on June 12, 2026 by Bruce Schneier

Continue reading Bernie Sanders’ AI Sovereign Wealth Fund Plan→

Enhanced License Plate Tracking

Posted on June 11, 2026 by Bruce Schneier

The surveillance company Leonardo wants more data:

A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices, as well as capture the license plate of passing vehicles, would also sweep up unique identifiers of mobile phones, wearables, and other Bluetooth-enabled devices in those cars, potentially letting law enforcement identify specific drivers or passengers.

The technology, called SignalTrace, would turn ALPR cameras from devices focused on tracking cars to ones that can more readily track the location of particular people. ALPR cameras have become a commonly deployed technology all across the U.S.; SignalTrace would make some of those cameras capable of collecting much more data…

Continue reading Enhanced License Plate Tracking→

NSO Group Hacking WhatsApp Despite Court Order

Posted on June 10, 2026 by Bruce Schneier

WhatsApp has caught the NSO Group phishing its users, in violation of a court order.
Continue reading NSO Group Hacking WhatsApp Despite Court Order→

GPS As a Key Distribution Platform

Posted on June 9, 2026 by Bruce Schneier

This is interesting:

The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden “numbers station,” according to Steven Murdoch…

That means every device that uses GPS has been receiving hidden government information for years, and nobody outside the military knew it until now.

[…]

Murdoch discovered that this particular sentinel was transmitted by all 31 operational satellites within a window of a few hours on May 26, 2011, potentially heralding the activation of a new operational system. He confirmed that this timeline coincided with the rollout of the military’s Over-the-Air Distribution (OTAD) and the Over-the-Air Rekeying (OTAR) by cross-referencing declassified documents, including a 2015 presentation about the dates of the operation…

Continue reading GPS As a Key Distribution Platform→

Critical Zcash Vulnerability Found and Fixed

Posted on June 8, 2026 by Bruce Schneier

If you’re a user—owner?—of this cryptocurrency, this is important:

On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8. The Zcash team hired Hornby specifically to look for this kind of issue. He found one fast enough to be embarrassing.

The Orchard pool is the newest and most advanced shielded transaction system in the cryptocurrency Zcash. Introduced in 2022, it allows users to send and receive ZEC while keeping transaction details private. It uses zero-knowledge proofs to validate transactions without revealing amounts or participants. The bug: a specific check that was supposed to validate transaction inputs wasn’t actually enforcing the rules it appeared to enforce. An attacker could have exploited the flaw to feed false inputs into that check and generate ZEC from nothing, with the zero-knowledge proof system blessing the fraudulent transaction as valid…

Continue reading Critical Zcash Vulnerability Found and Fixed→

Anthropic’s Project Glasswing Update

Posted on June 8, 2026 by Bruce Schneier

In April, Anthropic initated Project Glasswing. The idea was to let companies use their new model to find and fix vulnerabilities in their own software. It was a fantastic PR move, and so many press outlets have uncritically parroted Anthropic’s claims that it’s now common wisdom that Mythos is better at finding software vulnerabilities than other models. Which is just not true.

In any case, Anthropic has published a Project Glasswing status report. It’s finding a lot of vulnerabilities in software—yay! Some of them are even dangerous. But almost none of them has been patched. It’s …

Continue reading Anthropic’s Project Glasswing Update→