Bruce Schneier – Page 35 – WindowsTechs.com

The Ramifications of Ukraine’s Drone Attack

Posted on June 4, 2025 by Bruce Schneier

You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare:

If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing the same with U.S. air bases? Or the Pakistanis with Indian air bases? Or the North Koreans with South Korean air bases? Militaries that thought they had secured their air bases with electrified fences and guard posts will now have to reckon with the threat from the skies posed by cheap, ubiquitous drones that can be easily modified for military use. This will necessitate a massive investment in counter-drone systems. Money spent on conventional manned weapons systems increasingly looks to be as wasted as spending on the cavalry in the 1930s…

Continue reading The Ramifications of Ukraine’s Drone Attack→

New Linux Vulnerabilities

Posted on June 3, 2025 by Bruce Schneier

They’re interesting:

Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems.

[…]

“This means that if a local attacker manages to induce a crash in a privileged process and quickly replaces it with another one with the same process ID that resides inside a mount and pid namespace, apport will attempt to forward the core dump (which might contain sensitive information belonging to the original, privileged process) into the namespace.”…

Continue reading New Linux Vulnerabilities→

Australia Requires Ransomware Victims to Declare Payments

Posted on June 2, 2025 by Bruce Schneier

A new Australian law requires larger companies to declare any ransomware payments they have made.
Continue reading Australia Requires Ransomware Victims to Declare Payments→

Why Take9 Won’t Improve Cybersecurity

Posted on May 30, 2025 by Bruce Schneier

There’s a new cybersecurity awareness campaign: Take9. The idea is that people—you, me, everyone—should just pause for nine seconds and think more about the link they are planning to click on, the file they are planning to download, or whatever it is they are planning to share.

There’s a website—of course—and a video, well-produced and scary. But the campaign won’t do much to improve cybersecurity. The advice isn’t reasonable, it won’t make either individuals or nations appreciably safer, and it deflects blame from the real causes of our cyberspace insecurities…

Continue reading Why Take9 Won’t Improve Cybersecurity→

Friday Squid Blogging: NGC 1068 Is the “Squid Galaxy”

Posted on May 29, 2025 by Bruce Schneier

I hadn’t known that the NGC 1068 galaxy is nicknamed the “Squid Galaxy.” It is, and it’s spewing neutrinos without the usual accompanying gamma rays.
As usual, you can also use this squid post to talk about the security stories… Continue reading Friday Squid Blogging: NGC 1068 Is the “Squid Galaxy”→

Surveillance Via Smart Toothbrush

Posted on May 29, 2025 by Bruce Schneier

The only links are from The Daily Mail and The Mirror, but a marital affair was discovered because the cheater was recorded using his smart toothbrush at home when he was supposed to be at work.
Continue reading Surveillance Via Smart Toothbrush→

Location Tracking App for Foreigners in Moscow

Posted on May 28, 2025 by Bruce Schneier

Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones.

Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information:

Residence location

Fingerprint

Face photograph

Real-time geo-location monitoring

This isn’t the first time we’ve seen this. Qatar did it in 2022 around the World Cup:

“After accepting the terms of these apps, moderators will have complete control of users’ devices,” he continued. “All personal content, the ability to edit it, share it, extract it as well as data from other apps on your device is in their hands. Moderators will even have the power to unlock users’ devices remotely.” …

Continue reading Location Tracking App for Foreigners in Moscow→

Chinese-Owned VPNs

Posted on May 27, 2025 by Bruce Schneier

One one my biggest worries about VPNs is the amount of trust users need to place in them, and how opaque most of them are about who owns them and what sorts of data they retain.

A new study found that many commercials VPNS are (often surreptitiously) owned by Chinese companies.

It would be hard for U.S. users to avoid the Chinese VPNs. The ownership of many appeared deliberately opaque, with several concealing their structure behind layers of offshore shell companies. TTP was able to determine the Chinese ownership of the 20 VPN apps being offered to Apple’s U.S. users by piecing together corporate documents from around the world. None of those apps clearly disclosed their Chinese ownership…

Continue reading Chinese-Owned VPNs→

Friday Squid Blogging: US Naval Ship Attacked by Squid in 1978

Posted on May 23, 2025 by Bruce Schneier

Interesting story:
USS Stein was underway when her anti-submarine sonar gear suddenly stopped working. On returning to port and putting the ship in a drydock, engineers observed many deep scratches in the sonar dome’s rubber “NOFOUL” … Continue reading Friday Squid Blogging: US Naval Ship Attacked by Squid in 1978→

Signal Blocks Windows Recall

Posted on May 23, 2025 by Bruce Schneier

This article gives a good rundown of the security risks of Windows Recall, and the repurposed copyright protection took that Signal used to block the AI feature from scraping Signal data.
Continue reading Signal Blocks Windows Recall→