Bruce Schneier – Page 3 – WindowsTechs.com

FBI Extracts Deleted Signal Messages from iPhone Notification Database

Posted on April 23, 2026 by Bruce Schneier

404 Media reports (alternate site):

The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database….

The news shows how forensic extraction—when someone has physical access to a device and is able to run specialized software on it—can yield sensitive data derived from secure messaging apps in unexpected places. Signal already has a setting that blocks message content from displaying in push notifications; the case highlights why such a feature might be important for some users to turn on…

Continue reading FBI Extracts Deleted Signal Messages from iPhone Notification Database→

ICE Uses Graphite Spyware

Posted on April 22, 2026 by Bruce Schneier

ICE has admitted that it uses spyware from the Israeli company Graphite.
Continue reading ICE Uses Graphite Spyware→

Mexican Surveillance Company

Posted on April 21, 2026 by Bruce Schneier

Grupo Seguritech is a Mexican surveillance company that is expanding into the US.
Continue reading Mexican Surveillance Company→

Is “Satoshi Nakamoto” Really Adam Back?

Posted on April 20, 2026 by Bruce Schneier

The New York Times has a long article where the author lays out an impressive array of circumstantial evidence that the inventor of Bitcoin is the cypherpunk Adam Back.

I don’t know. The article is convincing, but it’s written to be convincing.

I can’t remember if I ever met Adam. I was a member of the Cypherpunks mailing list for a while, but I was never really an active participant. I spent more time on the Usenet newsgroup sci.crypt. I knew a bunch of the Cypherpunks, though, from various conferences around the world at the time. I really have no opinion about who Satoshi Nakamoto really is…

Continue reading Is “Satoshi Nakamoto” Really Adam Back?→

Friday Squid Blogging: New Giant Squid Video

Posted on April 17, 2026 by Bruce Schneier

Pretty fantastic video from Japan of a giant squid eating another squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Blog moderation policy.
Continue reading Friday Squid Blogging: New Giant Squid Video→

Human Trust of AI Agents

Posted on April 16, 2026 by Bruce Schneier

Interesting research: “Humans expect rationality and cooperation from LLM opponents in strategic games.”

Abstract: As Large Language Models (LLMs) integrate into our social and economic interactions, we need to deepen our understanding of how humans respond to LLMs opponents in strategic settings. We present the results of the first controlled monetarily-incentivised laboratory experiment looking at differences in human behaviour in a multi-player p-beauty contest against other humans and LLMs. We use a within-subject design in order to compare behaviour at the individual level. We show that, in this environment, human subjects choose significantly lower numbers when playing against LLMs than humans, which is mainly driven by the increased prevalence of ‘zero’ Nash-equilibrium choices. This shift is mainly driven by subjects with high strategic reasoning ability. Subjects who play the zero Nash-equilibrium choice motivate their strategy by appealing to perceived LLM’s reasoning ability and, unexpectedly, propensity towards cooperation. Our findings provide foundational insights into the multi-player human-LLM interaction in simultaneous choice games, uncover heterogeneities in both subjects’ behaviour and beliefs about LLM’s play when playing against them, and suggest important implications for mechanism design in mixed human-LLM systems…

Continue reading Human Trust of AI Agents→

Defense in Depth, Medieval Style

Posted on April 15, 2026 by Bruce Schneier

This article on the walls of Constantinople is fascinating.

The system comprised four defensive lines arranged in formidable layers:

The brick-lined ditch, divided by bulkheads and often flooded, 15-20 meters wide and up to 7 meters deep.

A low breastwork, about 2 meters high, enabling defenders to fire freely from behind.

The outer wall, 8 meters tall and 2.8 meters thick, with 82 projecting towers.

The main wall—a towering 12 meters high and 5 meters thick—with 96 massive towers offset from those of the outer wall for maximum coverage.

…

Continue reading Defense in Depth, Medieval Style→

Upcoming Speaking Engagements

Posted on April 14, 2026 by Bruce Schneier

This is a current list of where and when I am scheduled to speak:

I’m speaking at DemocracyXChange 2026 in Toronto, Ontario, Canada, on April 18, 2026.
I’m speaking at the SANS AI Cybersecurity Summit 2026 in Arlington, Virginia, USA, at 9:40 AM ET on April 20, 2026.
I’m speaking at the Greater Good Gathering in New York City, USA, on Tuesday, April 21, 2026.
I’m speaking at the Nemertes [Next] Virtual Conference Spring 2026, a virtual event, on April 29, 2026.
I’m speaking at RightsCon 2026 in Lusaka, Zambia, on May 6 and 7, 2026.

…

Continue reading Upcoming Speaking Engagements→

How Hackers Are Thinking About AI

Posted on April 14, 2026 by Bruce Schneier

Interesting paper: “What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation.”

Abstract: The rapid expansion of artificial intelligence (AI) is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands to intensify the scale and sophistication of attacks by seasoned cybercriminals. This paper examines the evolving relationship between cybercriminals and AI using a unique dataset from a cyber threat intelligence platform. Analyzing more than 160 cybercrime forum conversations collected over seven months, our research reveals how cybercriminals understand AI and discuss how they can exploit its capabilities. Their exchanges reflect growing curiosity about AI’s criminal applications through legal tools and dedicated criminal tools, but also doubts and anxieties about AI’s effectiveness and its effects on their business models and operational security. The study documents attempts to misuse legitimate AI tools and develop bespoke models tailored for illicit purposes. Combining the diffusion of innovation framework with thematic analysis, the paper provides an in-depth view of emerging AI-enabled cybercrime and offers practical insights for law enforcement and policymakers…

Continue reading How Hackers Are Thinking About AI→

On Anthropic’s Mythos Preview and Project Glasswing

Posted on April 13, 2026 by Bruce Schneier

The cybersecurity industry is obsessing over Anthropic’s new model, Claude Mythos Preview, and its effects on cybersecurity. Anthropic said that it is not releasing it to the general public because of its cyberattack capabilities, and has launched Project Glasswing to run the model against a whole slew of public domain and proprietary software, with the aim of finding and patching all the vulnerabilities before hackers get their hands on the model and exploit them.

There’s a lot here, and I hope to write something more considered in the coming week, but I want to make some quick observations…

Continue reading On Anthropic’s Mythos Preview and Project Glasswing→