<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>secrecy &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/secrecy/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Fri, 08 Dec 2023 15:48:35 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>New Bluetooth Attack</title>
		<link>https://noise.getoto.net/2023/12/08/new-bluetooth-attack/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 08 Dec 2023 12:05:19 +0000</pubDate>
				<category><![CDATA[authentication]]></category>
		<category><![CDATA[bluetooth]]></category>
		<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[man-in-the-middle attacks]]></category>
		<category><![CDATA[secrecy]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68176</guid>

					<description><![CDATA[<p>New attack <a href="https://www.cvedetails.com/cve/CVE-2023-24023/">breaks</a> forward secrecy in Bluetooth.</p>
<p><a href="https://www.theregister.com/2023/12/06/bluetooth_bug_apple_linux/">Three</a> <a href="https://thehackernews.com/2023/12/new-bluffs-bluetooth-attack-expose.html">news</a> <a href="https://www.bleepingcomputer.com/news/security/new-bluffs-attack-lets-attackers-hijack-bluetooth-connections/">articles</a>:</p>
<blockquote><p>BLUFFS is a <a href="https://francozappa.github.io/post/2023/bluffs-ccs23/">series of exploits</a> targeting Bluetooth, aiming to break Bluetooth sessions’ forward and future secrecy, compromising the confidentiality of past and future communications between devices.</p>
<p>This is achieved by exploiting four flaws in the session key derivation process, two of which are new, to force the derivation of a short, thus weak and predictable session key (SKC).</p>
<p>Next, the attacker brute-forces the key, enabling them to decrypt past communication and decrypt or manipulate future communications...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>On the Poisoning of LLMs</title>
		<link>https://noise.getoto.net/2023/05/25/on-the-poisoning-of-llms/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 25 May 2023 11:05:43 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[artificial intelligence]]></category>
		<category><![CDATA[ChatGPT]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[secrecy]]></category>
		<category><![CDATA[snake oil]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67389</guid>

					<description><![CDATA[<p>Interesting <a href="https://softwarecrisis.dev/letters/the-poisoning-of-chatgpt/">essay</a> on the poisoning of LLMs—ChatGPT in particular:</p>
<blockquote><p>Given that we’ve known about model poisoning for years, and given the strong incentives the black-hat SEO crowd has to manipulate results, it’s entirely possible that bad actors have been poisoning ChatGPT for months. We don’t know because OpenAI doesn’t talk about their processes, how they validate the prompts they use for training, how they vet their training data set, or how they fine-tune ChatGPT. Their secrecy means we don’t know if ChatGPT has been safely managed.</p>
<p>They’ll also have to update their training data set at some point. They can’t leave their models stuck in 2021 forever...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Leaking Military Secrets on Gaming Discussion Boards</title>
		<link>https://noise.getoto.net/2022/06/08/leaking-military-secrets-on-gaming-discussion-boards/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 08 Jun 2022 11:17:47 +0000</pubDate>
				<category><![CDATA[games]]></category>
		<category><![CDATA[leaks]]></category>
		<category><![CDATA[military]]></category>
		<category><![CDATA[operational security]]></category>
		<category><![CDATA[secrecy]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65501</guid>

					<description><![CDATA[People are leaking classified military information on discussion boards for the video game War Thunder to win arguments&#8212;repeatedly.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>ICE Is a Domestic Surveillance Agency</title>
		<link>https://noise.getoto.net/2022/05/11/ice-is-a-domestic-surveillance-agency/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 11 May 2022 14:24:09 +0000</pubDate>
				<category><![CDATA[national security policy]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[reports]]></category>
		<category><![CDATA[secrecy]]></category>
		<category><![CDATA[surveillance]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65412</guid>

					<description><![CDATA[<p>Georgetown has a <a href="https://americandragnet.org/">new report</a> on the highly secretive bulk surveillance activities of ICE in the US:</p>
<blockquote><p>When you think about government surveillance in the United States, you likely think of the National Security Agency or the FBI. You might even think of a powerful police agency, such as the New York Police Department. But unless you or someone you love has been targeted for deportation, you probably don’t immediately think of Immigration and Customs Enforcement (ICE).</p>
<p>This report argues that you should. Our two-year investigation, including hundreds of Freedom of Information Act requests and a comprehensive review of ICE’s contracting and procurement records, reveals that ICE now operates as a domestic surveillance agency. Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives. By reaching into the digital records of state and local governments and buying databases with billions of data points from private companies, ICE has created a surveillance infrastructure that enables it to pull detailed dossiers on nearly anyone, seemingly at any time. In its efforts to arrest and deport, ICE has — without any judicial, legislative or public oversight — reached into datasets containing personal information about the vast majority of people living in the U.S., whose records can end up in the hands of immigration enforcement simply because they apply for driver’s licenses; drive on the roads; or sign up with their local utilities to get access to heat, water and electricity...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Amy Zegart on Spycraft in the Internet Age</title>
		<link>https://noise.getoto.net/2022/02/08/amy-zegart-on-spycraft-in-the-internet-age/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 08 Feb 2022 16:52:48 +0000</pubDate>
				<category><![CDATA[books]]></category>
		<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[espionage]]></category>
		<category><![CDATA[intelligence]]></category>
		<category><![CDATA[secrecy]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65015</guid>

					<description><![CDATA[<p>Amy Zegart has a new book: <a href="https://press.princeton.edu/books/hardcover/9780691147130/spies-lies-and-algorithms"><i>Spies, Lies, and Algorithms: The History and Future of American Intelligence</i></a>. Wired has an <a href="https://www.wired.com/story/spies-algorithms-artificial-intelligence-cybersecurity-data/">excerpt</a>:</p>
<blockquote><p>In short, data volume and accessibility are revolutionizing sensemaking. The intelligence playing field is leveling­ — and not in a good way. Intelligence collectors are everywhere, and government spy agencies are drowning in data. This is a radical new world and intelligence agencies are struggling to adapt to it. While secrets once conferred a huge advantage, today open source information increasingly does. Intelligence used to be a race for insight where great powers were the only ones with the capabilities to access secrets. Now everyone is racing for insight and the internet gives them tools to do it. Secrets still matter, but whoever can harness all this data better and faster will win...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 34/122 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-11 18:54:01 by W3 Total Cache
-->