Reuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the “Office of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security …
Simon Willison talks about ChatGPT’s new memory dossier feature. In his explanation, he illustrates how much the LLM—and the company—knows about its users. It’s a big quote, but I want you to read it all. Here’s a prompt you can use to give you …
Scientists can manipulate air bubbles trapped in ice to encode messages. [...]
It was a recently unimaginable 7.3 Tbps : The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It speeds up communications by …
This is the first ever video of the Antarctic Gonate Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]
Good article from 404 Media on the cozy surveillance relationship between local Oregon police and ICE: In the email thread, crime analysts from several local police departments and the FBI introduced themselves to each other and made lists of surveillance tools and tactics they have access to and felt …
Two articles crossed my path recently. First, a discussion of all the video Waymo has from outside its cars: in this case related to the LA protests. Second, a discussion of all the video Tesla has from inside its cars. Lots of things are collecting lots of video of …
The variations seem to be endless. Here’s a fake ghostwriting scam that seems to be making boatloads of money. This is a big story about scams being run from Texas and Pakistan estimated to run into tens if not hundreds of millions of dollars, viciously defrauding Americans with …
If you’ve worried that AI might take your job, deprive you of your livelihood, or maybe even replace your role in society, it probably feels good to see the latest AI tools fail spectacularly. If AI recommends glue as a pizza topping, then you’re safe for another …
This is a current list of where and when I am scheduled to speak: I’m speaking at the International Conference on Digital Trust, AI and the Future in Edinburgh, Scotland on Tuesday, June 24 at 4:00 PM. The list is maintained on this page. [...]
Video of the stubby squid ( Rossia pacifica ) from offshore Vancouver Island. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]
Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of its product. Citizen Lab caught it spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025, a select group of iOS users …
This is news : A data broker owned by the country’s major airlines, including Delta, American Airlines, and United, collected U.S. travellers’ domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where …
Researchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught. The details are interesting, and worth reading in detail: Tracking code that Meta and Russia-based Yandex embed into millions of websites …
Researchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught. The details are interesting, and worth reading in detail: >Tracking code that Meta and Russia-based Yandex embed into millions of websites …
Southern New England is having the best squid run in years. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]
On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled “ The Federal Government in the Age of Artificial Intelligence.” The other speakers mostly talked about how cool AI was—and sometimes about how cool their own company was—but I was asked …
OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment …
You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare: If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing the same with U …
They’re interesting : Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems. [...] “This means that if a …
A new Australian law requires larger companies to declare any ransomware payments they have made. [...]
There’s a new cybersecurity awareness campaign: Take9. The idea is that people—you, me, everyone—should just pause for nine seconds and think more about the link they are planning to click on, the file they are planning to download, or whatever it is they are planning to …
I hadn’t known that the NGC 1068 galaxy is nicknamed the “Squid Galaxy.” It is, and it’s spewing neutrinos without the usual accompanying gamma rays. [...]
The only links are from The Daily Mail and The Mirror, but a marital affair was discovered because the cheater was recorded using his smart toothbrush at home when he was supposed to be at work. [...]
Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones. Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: Residence location Fingerprint Face photograph Real-time geo-location monitoring This isn …