Everyone else in the house is snuggled in on this 21F° night, with one notable exception. Sebastian says the weather is perfect. Skyler doesn't want to go outside in until May.

Please keep these coming. 👍

I have a friend who's going through some pretty rough things right now. Please send any really cute capybara/otter/kitty/doggo pics or videos. It would be very much appreciated. 🙏

Stay safe out there friends. You can find me bundled under thick blankets enjoying a nice piping hot bowl of soup and tea.

Want to catch up with this week's top cyber news? Sign up (or RSS) for my newsletter this.weekinsecurity.com, which has: 🗞️ all the major cyber news you need to know 🤩 good news in the happy corner 🐈‍⬛ a reader-submitted cyber-cat 🤖 hand curated by me, no AI 🚫 no email open/link tracking Out Sundays!

This weekend for snowmageddon I'm giving a try at this yummy dish: www.vincenzosplate.com/pasta-with-c... youtu.be/R3HQr5Dhmfc?...

And therein lies the rub: “Users [can] store those keys on a device they own, but MSFT recommends BitLocker users store their keys on its servers for convenience. While that means someone can access their data if they forget their pwd…it…makes them vulnerable to law enforcement subpoenas & warrants”

Microsoft is handing over Bitlocker keys to law enforcement. www.forbes.com/sites/thomas...

ICE detained a 2-year-old girl in Minneapolis and put the child on a flight to a detention center in Texas, despite a court ordering her release: www.startribune.com/agents-detai...

NEW: A federal court ruling in Minnesota, which notes ICE agents broke the Fourth Amendment by entering a family's home sans warrant, lands as ICE faces scrutiny over a secret memo claiming their agents can enter homes w/ administrative paperwork alone.

Popped up today on my phone. Sebastian says hey.

it's always so strange that Ben Affleck is a well-spoken, erudite person because every other aspect of his personality seems like the only words out of his mouth should be slurs muttered through broken teeth

This is a perfect piece of technical writing. alexharri.com/blog/ascii-r...

This is a great explainer to lawyers (or otherwise curious people) on what quantum computing is and is not. Via my colleague @aumasson.jp, a prolific cryptographer and advisor to some of the largest banks in the world.

AI is reshaping persuasion and content generation by scale. LLMs can flood recipients with plausible, evidence-flavored claims. Accuracy appears to matter less than information density. Experiments show short chats shift vote intent. www.kcl.ac.uk/weaponising-ai

This piece by @lukaszolejnik.bsky.social is worth a read. Insightful perspective on the current landscape of "continuous campaigns" and the sophisticated AI tools that rival political campaigns (and nation states) are using to carry out influence operations.

On cold wintry nights like tonight, a hearty piping hot batch of Colombian chicken stew hits the spot.

BREAKING: Tesla loses its crown as the world's bestselling electric vehicle maker to Chinese rival BYD as sales fall for a second year in a row.

Mekka didn't just call this years ago, he's been reminding us every year. BYD and other major Chinese car brands embraced electric *decades* ago, and the market there for both luxury & budget EV vehicles continues to innovate and is highly competitive. You don't see any silly cybertrucks there.

Meanwhile in Nova Scotia

Great post by Mark Dastmalchi-Round. I too have a love/hate relationship (mostly hate) with middleboxes/TLS inspection and the bad security practices we're training our users to follow. www.markround.com/blog/2025/12...

Internships in MPC available, for both recent PhD graduates and current PhD students... mpcinthewild.github.io This is a project funded by the Zama Cryptanalysis Grant program

Great post: “[T]his makes our job predicting the future of which [cryptographic] algorithm is likely to break and which ones are likely to last, very, very hard. We are not looking at nice, predictable trends, but instead are mostly looking at a process that jumps in huge steps every few decades.”

COVID Vaccines Slashed Kids’ ER Visits by 76 Percent, Study Finds www.scientificamerican.com/article/covi...

Mass exodus of veteran senior leaders at Apple, including Jony Ive and the creators of many major products, over to OpenAI. Also, Tim Cook is rumored to be retiring soon, with his successor to be 25-year veteran John Ternus who currently reports to Cook.

This thread is eye opening and hysterical. AI is still in its infancy when it comes to security and safety.

New, by me at this.weekinsecurity.com: Router maker TP-Link faces a potential U.S.-wide ban over its alleged links to China. In my latest analysis, I dive into why a TP-Link ban is unlikely to make America meaningfully safer from Chinese cyberthreats (or anywhere). Please share!

One of the coolest videos I've seen in a while. v.redd.it/porl3bihlh3g1

Sebastian says happy Tuesday

We're looking at places to stay in January and came across this in the notes for one listing. Big selling point for the wife & kids.

this reminds me of the macedonian fake news industry

This guy is my current muse on Instagram. One of the most nerdy happy niche accounts I've ever come across. www.instagram.com/reel/DQy3OcW...

This post-mortem and the accompanying full technical report from Anthropic is a fascinating glimpse into how rapidly hackers are using commercial AI services (here, Claude) to do recon & launch successful attacks on victim orgs. www.anthropic.com/news/disrupt...

just a typical wednesday over here. you?

This discussion with @stevevladeck.bsky.social should be heard by anyone trying to make sense of Justice Ketanji Brown's ruling on the SNAP case yesterday. Vladeck makes a convincing argument that Brown Jackson pulled a ninja-level legal maneuver to expedite a ruling with the best possible outcome.

“[T]he real power of the campaign came from voters who rallied around a set of simple beliefs: that every person deserves a home; that child care should be free; that elections shouldn’t be bought; that racial diversity is a strength worth defending; that working people matter…”

I sure would appreciate it if you spent about 20 seconds of your Friday signing up to get my writing sent straight to you. It's free, it's fun (sometimes), and it would mean a lot: dansinker.com/follow/

I'll make this even more simple: Many (most?) of us in the security engineering world who have taken even a cursory look at this browser would advise colleagues & friends to avoid it at all costs. It's a privacy and product security dumpster fire.

The password to the Louvre’s video surveillance system was “Louvre,” according to a museum employee

U.S. Army advising troops stationed in Germany to go to German food banks during shutdown. “Running list of German support organizations for your kit bags: - Tafel Deutschland - Foodsharing e.V. - Essen für ” web.archive.org/web/20251105...

I had a bug in my new ML-DSA implementation that caused Verify to reject all signatures. I gave up after half an hour. On a whim, I threw Claude Code at it. Surprisingly (to me!) it one-shotted it in 5 minutes. A small case study of useful AI tasks that aren't generating code that requires review.

Nice sunset at the barn outside Barcelona

We're pleased to announce the final lineup for Black Hat Europe '25. Terrific security research spanning 21 tracks. In a separate thread, I'll highlight a few of my favorites. www.blackhat.com/eu-25/briefi...

Microsoft Azure challenges AWS for downtime crown

I'm surprised and encouraged by my new replacement for Chrome and Safari with @kagi.com's browser Orion and its search engine. On the first couple of searches it managed to unsurface content that was exactly what I wanted, including some things I wrote/said years ago that I'd completely forgotten.

Seeing some disturbing early research around ChatGPT's new Atlas web browser. I strongly recommend caution against using it, particularly to interact with any web sites holding sensitive data.

Here's a pic of our dog before a proper grooming, looking rather punk and intimidating. And an after. Enjoy.

One of the things that got drilled into my head working with field clinics in remote developing areas is: Design local systems for as much autonomy as possible and don't ever assume good (or ANY) connectivity for basic operations.

stop scrolling and post two characters that bring you happiness