From the “no shit, didn’t see this coming” department: District Judge ​Jeremy Daniel in Chicago said drivers in the proposed class action ⁠can try to prove that Allstate violated the Federal Wiretap Act by monitoring ​their travel www.reuters.com/legal/govern....

A long time colleague has spent the past several months looking into the core security properties & claims of OpenClaw, and finally decided to launch a GH project to replace it, at non-toy scale. Worth a read for any security professional. www.flyingpenguin.com/why-i-replac...

If you don't follow @wyden.senate.gov, today is a great day to see all the on-the-ground reports from the NoKings protests this weekend. Some really creative protest signs.

The number of American service members wounded in the Iran war has grown beyond 300, with more than two dozen troops injured this week from attacks on a Saudi air base.

Has anyone figured out why the "Send Later" option in iMessages is sometimes there and sometimes not? I tried searching the usual places (Apple support, YouTube, even /r/iPhone) but all the suggestions there aren't working for me.

Column by Dana Milbank: I attended a meeting of Faith250, an interfaith movement that discusses the Declaration of Independence and other American documents, hoping to bridge religious and political divisions. Here's what I learned:

newrepublic.com/post/208020/... via @lebassett.bsky.social

Great resource for anyone engaged or interested in US AI policy and governance from @geomblog.bsky.social and his team www.brown.edu/news/2026-03...

Them: "Instagram is rolling out end-to-end encryption via the Signal protocol. Isn't it great!!" Me: "We'll see…" *Meta deeply buries E2E encryption in Instagram as an opt-in choice.* *2+ years pass* *Meta kills encrypted Instagram DMs* Scoop by @lhn.bsky.social

Mea culpa - original story was a @zackwhittaker.com jam. Here's the original: techcrunch.com/2026/03/20/c...

I'd bet was not in breathalyzer's standard threat model. www.wired.com/story/securi... via @mattburgess1.bsky.social, @lhn.bsky.social, and @agreenberg.bsky.social

It was a beautiful warm, sunny day. Garfield and Leopold each embraced it in their own way.

Leopold has made a BFF with the newest member of our household.

phrack.org/issues/68/2#... Another legend has crossed over. Thank you @fxv2.bsky.social for being your kind, brilliant self, whose contributions are too many to name, not just in hacking, but in being a superconnector who I now know is responsible for so many friendships & marriages. You are missed.

Read more about the fellowship and the incredible work these folks are doing here: www.internetsociety.org/blog/2026/03... 6/6

TikTok announces that they’re not going to deploy “controversial privacy tech” that’s actually the same end-to-end encryption most other providers use to protect users’ DMs. www.bbc.com/news/article...

I had an extra long break in meetings today so I felt like getting a little fancy for lunch. Saffron- and Annatto-infused orzo & fideo pasta with homemade Italian-style meatballs. 🧑‍🍳

From the Black Hat community: in memory of Felix 'FX' Linder. blackhat.com/html/blog/20...

Yeah, so basically Mandiant and iVerify released a paper today about this spoopy thingy called "Coruna". Coruna is very, very silly. Mandiant and iVerify discovered SOMEONE (they don't say who) developed some hardcore iOS zero day exploits. It exploited how iOS devices handled visiting

New from 404 Media: the FBI is using AI to hack targets. FBI official was talking about "remote access operations," FBI's term for hacking. FBI said it's a "game changer". The comments were unusually candid about FBI's very secretive hacking operations. www.404media.co/the-fbi-is-u...

I was just reminded of this classic piece by Jack Daniel. Still relevant today, and good grounding for early career people trying to break into a role in security. www.tenable.com/blog/shoulde...

A full iOS exploitation toolkit, "Coruna," has been found in the wild, hacking iPhones that visited infected websites, used by Russian spies targeting Ukrainians and thieves targeting Chinese crypto holders. And it may have been originally created for the US government. www.wired.com/story/coruna...

Powerful statement earlier today from @lookitup.baby in support of a pause in evictions for Minneapolis families in this time of crisis. www.youtube.com/live/vpRmCJE...

For the 2026 primary elections, NPR has collected deadlines and information on how to register to vote — online, in person or by mail — in every U.S. state and territory.

IBM says its value "has nothing to do with COBOL". But that's not the point.

My comment for Telegraph on the current chaotic stock-crash situation. IBM lost 13% in a day because of a blog post. If AI can disrupt whole ecosystems (hardware, software, consultants) the effects would be significant. Also, COBOL sucks. www.telegraph.co.uk/business/202...

And right on schedule: there goes pseudonymity on the Internet. arxiv.org/abs/2602.16800

Great story

Spanish courts just ordered blocks on ProtonVPN and NordVPN during LaLiga matches. Because nothing says 'good governance' like censoring your internet for soccer. Meanwhile, the UK considers rest... https://www.technadu.com/vpn-blocking-in-spain-affects-protonvpn-nordvpn-matches-access/620401/

I don’t think I’ve ever had so many people writing to me to ask about encrypted/secure/private tools for comms, collaboration, and organizing. So @lhn.bsky.social and I talked to experts and assembled this: the Wired guide to organizing in an age of surveillance. www.wired.com/story/how-to...

It's hard enough to figure out your own threat model and how to approach your own digital privacy and security, but it's even more overwhelming to try to think it through for bigger groups. @agreenberg.bsky.social and I put together this guide as a starting point www.wired.com/story/how-to...

Good day to make some nice hot gumbo

Everyone else in the house is snuggled in on this 21F° night, with one notable exception. Sebastian says the weather is perfect. Skyler doesn't want to go outside in until May.

Please keep these coming. 👍

I have a friend who's going through some pretty rough things right now. Please send any really cute capybara/otter/kitty/doggo pics or videos. It would be very much appreciated. 🙏

Stay safe out there friends. You can find me bundled under thick blankets enjoying a nice piping hot bowl of soup and tea.

Want to catch up with this week's top cyber news? Sign up (or RSS) for my newsletter this.weekinsecurity.com, which has: 🗞️ all the major cyber news you need to know 🤩 good news in the happy corner 🐈‍⬛ a reader-submitted cyber-cat 🤖 hand curated by me, no AI 🚫 no email open/link tracking Out Sundays!

This weekend for snowmageddon I'm giving a try at this yummy dish: www.vincenzosplate.com/pasta-with-c... youtu.be/R3HQr5Dhmfc?...

And therein lies the rub: “Users [can] store those keys on a device they own, but MSFT recommends BitLocker users store their keys on its servers for convenience. While that means someone can access their data if they forget their pwd…it…makes them vulnerable to law enforcement subpoenas & warrants”

Microsoft is handing over Bitlocker keys to law enforcement. www.forbes.com/sites/thomas...

ICE detained a 2-year-old girl in Minneapolis and put the child on a flight to a detention center in Texas, despite a court ordering her release: www.startribune.com/agents-detai...

NEW: A federal court ruling in Minnesota, which notes ICE agents broke the Fourth Amendment by entering a family's home sans warrant, lands as ICE faces scrutiny over a secret memo claiming their agents can enter homes w/ administrative paperwork alone.

Popped up today on my phone. Sebastian says hey.

it's always so strange that Ben Affleck is a well-spoken, erudite person because every other aspect of his personality seems like the only words out of his mouth should be slurs muttered through broken teeth

This is a perfect piece of technical writing. alexharri.com/blog/ascii-r...

This is a great explainer to lawyers (or otherwise curious people) on what quantum computing is and is not. Via my colleague @aumasson.jp, a prolific cryptographer and advisor to some of the largest banks in the world.

AI is reshaping persuasion and content generation by scale. LLMs can flood recipients with plausible, evidence-flavored claims. Accuracy appears to matter less than information density. Experiments show short chats shift vote intent. www.kcl.ac.uk/weaponising-ai

This piece by @lukaszolejnik.bsky.social is worth a read. Insightful perspective on the current landscape of "continuous campaigns" and the sophisticated AI tools that rival political campaigns (and nation states) are using to carry out influence operations.

On cold wintry nights like tonight, a hearty piping hot batch of Colombian chicken stew hits the spot.