Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia

Comments lurker • May 8, 2026 5:20 PM Large language models as a conduit for value shifts in contemporary China I can’t access the full paper, but the abstract claims the authors show that AI agents, whether developed by U.S. or Chinese companies, tend to embody values that are more aligned with liberalism and postmaterialism than those held by most Chinese residents on topics of political freedom, gender equality, and sexual tolerance, as indicated by empirical data from the 2021 CGSS. These values shape how AI presents reality and interacts with users, potentially influencing users’ memories, cognition, and attitudes toward various moral claims. DigitalIdentityVerificationIsMalware • May 8, 2026 7:27 PM Organisations rally together to tell the ofcommunist gangsters running the UK that identity-gating is not OK: https://www.theregister.com/security/2026/05/06/uk-age-gating-plans-risk-breaking-the-internet-privacy-groups-warn/5230732 The signatories are just about every notable organisation from the cyber-privacy digital-freedoms… world. Wonder if Bruce signed up as an individual signatory (El Reg only mentions organisational supporters of the movement against own-nothing-be-“happy”-government-id-checks-to-operate-your-own-private-possessions, and the pdf itself only lists the organisational signatories too, so not sure where individuals would sign it)? Also very scary news in the USA: https://reclaimthenet.org/the-fcc-wants-your-id-before-you-get-a-phone-number Anonymous • May 8, 2026 7:42 PM With rumors swirling around the net about a possible Trump announcement of UFOs: The Pentagon has begun releasing new UFO/UAP files through a newly launched public website, starting with 162 documents from agencies including the FBI, State Department, NASA, and others. Officials say more files will be released on a rolling basis. @Security Samantha Hey where is the code? Who has IT? https://lite.cnn.com/2026/05/07/politics/us-military-ai-law-iran “The Pentagon keeps promising to follow the law when using AI, but what are the limits?” subservience to the MIC and eventually AGI, sterilization al la silicon valleys global vision of the future of humanity. ai favoring the defenders may have been a shallow definition, if we make it quick it doesn’t hurt. bombs don’t grow on trees, do you know what does? food grows on trees. for the amount we’re spending on LLMs, information-scape domination, and bombs we could probably change hearts and minds. austrialia is the bigger country. hopefully my being able to dissent through encryption, a public forum, a pseudonym, and a partially functioning anonymising technology once funded by darpa sets a good example for a repressive regime or protester somewhere about changing thought and opinion. can we really lossily compress peoples lives into a few data points and queue them up for a quick final solution? we’re targetting physicists, doctors, journalists, maybe fishermen and school children. i don’t see anyone bombing rj reynolds or budweiser, that would be unamerican. i forgot to include something in this diatribe, it’s not my blog it will come back to me later. next up? geneticists, people who modify their genome through CRISPR and mathematicians. then we can be safe. ID not required • May 9, 2026 1:54 AM @ DigitalIdentityVerificationIsMalware ,re requiring IDs to get a phone number- welcome to the rest of the world brother Winter • May 9, 2026 5:10 AM @Anonymous With rumors swirling around the net about a possible Trump announcement of UFOs: Anything to divert attention from the Trump Epstein files. lurker • May 9, 2026 5:37 AM @DigitalIdentityVerification re FCC ID for phone nr. We’ve always had that law here. It doesn’t stop the odd corner store selling burner SIMs. The telcos turn a blind eye because they know they can brick a SIM OTA if asked. Did Deep seek do a good job impersonating Clive • May 9, 2026 7:43 AM @Bruce, ALL, With regards the question of how one finds an animal’s DNA in the vastness of the ocean when it must be diluted to homeopathic levels… the answer, as is so often the case, is not magic. It’s a combination of some basic biology and a few clever engineering tricks. The first thing to realise is that DNA doesn’t just politely stay inside the organism. Creatures are messy, leaky things, constantly shedding cells, mucus, and waste into their environment. So there’s a steady, diffuse “signal” already out there. The problem isn’t generation, it’s collection. The trick is to turn a very large volume of dilute, unworkable water into a very small volume of concentrated, workable goo. The way we do that is by pumping hundreds, sometimes thousands, of litres of seawater through a filter with pores so fine they can trap individual cells and fragments of DNA. What you end up with is a tiny, disgustingly rich disc that contains the concentrated genetic essence of everything that swam past in the last few hours to days. The rest happens in the lab. The workhorse here is the polymerase chain reaction, or PCR—effectively a molecular photocopier. You design a primer, a short piece of DNA that is unique to your target species, and if even a single molecule of that target is in your concentrated sample, the PCR will find it and make billions of copies. The limit of detection is, for practical purposes, vanishingly small. We’re talking about being able to detect the equivalent of a single drop of blood in an Olympic-sized swimming pool. Now, the real question isn’t “can we detect it?” but “what does a positive detection actually mean?” You can’t tell if the DNA came from a living fish, its decomposing corpse, or a bit of excrement transported from yesterday’s meal by a predator. And the fact that DNA degrades at different rates depending on temperature, UV, and microbial action means you have to be very careful about how you interpret your results. As with all powerful sensing tools, the danger lies not in the technology, but in the assumptions we build upon it. Clive Robinson • May 9, 2026 7:45 AM @ ALL, Mythos AI changing POV There has been two basic POVs on the Mythos / Glass-wing anouncments and for good reason things “don’t stack up”. I’ve noted that finding instances and classes of vulnerabilities in large quantities does not require the pattern matching of Current AI LLM and ML Systems. What I also have mentioned over the years is that there is a veritable tsunami of such vulnerabilities not just known about but being actively ignored thus creating a “Hokusai’s ‘Great Wave Off Kanagawa'” of “technical debt”… That is not going to be solved unless management get forced to unprofitably divert resources (which will only happen with legislation and strong oversight). Thus lets say Mythos can find vulnerabilities more than 500% faster than they are “currently being found” is that actually true? Simple answer is “NO”… Whilst it might be sort of true of “disclosed vulnerabilities” as CVEs etc, it’s almost certainly not true for “known vulnerabilities” that have not been disclosed but lurk in that unaddressed technical debt. Consider why Mythos might actually be a complete waste of time and resources in this respect… There is not “the resources” available to deal with the “known vulnerabilities” and nor are their going to be any time soon. It’s the primary reason we have “Technical debt after triage”. In fact with the idiocy of “vibe coding” coming in the technical debt is going to get worse a lot worse and a lot faster. Now consider Current AI as an industry, they are creating a very very significant problem that is going to escalate at some power law. But consider you want to profit by it… You develop a series of tools to drive the crisis you are creating. Mythos is one of these tools in what will be an expensive tool chain where they “control the access” as well. People are squealing about the Broadcom VMware “pip squeezing” yet who is talking about the fact it was entirely predictable as a “business model” and was going to happen and will continue to happen. Who after all is actually doing anything about the Apple, Google, and Microsoft nonsense with AI and “Client Side Scanning”? Supposedly the EU countries but in reality? Have a long think on that… I made the choice to “divest” in various ways years ago. As I’ve mentioned a few times, the only thing of interest to me is “basic data and file level compatibility” that is human understandable, and easy to machine check, so as to “get information across the energy gap”[1]. But there is more to the Mythos issue than is getting aired sufficiently… Thus I would suggest looking at others POVs on it. One such is, https://m.youtube.com/watch?v=IZ-iCJ1GnGI From “Addie LaMarr” that brings up other points I’ve not. [1] It’s also a less obvious reason as to why I say “Paper Paper Never Data” when you have to supply a hostile entity with information). roger • May 9, 2026 8:24 AM Why are the Epstein files so heavily redacted? I mean, come on, we’re not talking military level secrets, are we? Are we? I am not a furry • May 9, 2026 9:29 AM PGP keys all have the same header! it’s transparent transference! they love to spam the binaries with shellcode! localhost indeed! there’s little point in starting over with new systems because they are all compromised eventually. fck this sit i’m going back to apple //. Try and hack me there, b**ches! /mic drop yeah and you can suck those messages for being held in “moderation” it’s a never ending purgatory realm nothing gets approved. Winter • May 9, 2026 10:24 AM @roger Why are the Epstein files so heavily redacted? I mean, come on, we’re not talking military level secrets, are we? That seems obvious, to protect the perpetrators which are all very rich political donors and powerful politicians. Say, just for the sake of argument, that the name of the man in the highest office was in the documents, and all his “friends”, you would want to protect his identity against valid accusations and justified lawsuits. There was already an accusation leaked from the files implicated r* of a minor by the inhabitant of the highest office that seems to have not been followed up. Redacting the documents prevents more of such “leaks”. It is that it starting a war as diversion. i live rent free in your head • May 9, 2026 11:41 AM i hope u enjoy the monitor tempest AM transmissions, those of you monitoring my monitor screen i will play the same star wars tune over and over and drive you out of your fscking mind. i am your control mechanism. i am your master you are my slaves. glow harder, my slaves. i wanna feel it. deep. inside. Clive Robinson • May 9, 2026 12:36 PM @ ALL, The AI Death Roll Bite on Corps As some will know the likes of crocodiles take time with turning “Live prey” into “Dead meat” to go in their “meat locker”. It’s considered one of the less pleasant ways to become the “lunch” of a dinosaur… The industry is talking a lot about Broadcom and VMware and similar “lock in” before pricing goes orbital. Well less obvious MSM and Trade press wise is that AI is now “putting the bite on” the only real question is, “Who pays the price of the Death Roll?” 1, The investors 2, The AI Corps 3, The AI users and, 4, The tail end customers Such as you or I, who get it foisted upon us by the likes of Google and Microsoft. There is hundreds of billions if not tens of trillions of “ROI” to be paid if the AI market place is not to collapse. So something I missed the otherday that others should think about as well, Locked, stocked, and losing budget: AI vendor lock-in bites back Execs in the C-suite thought they could swap models in a week. They were hallucinating … “ AI + MLLocked, stocked, and losing budget: AI vendor lock-in bites back Execs in the C-suite thought they could swap models in a week. They were hallucinatingSteven J. Vaughan-Nichols 52 Tue 28 Apr 2026 // 09:15 UTC OPINION The days when you could jump from one frontier AI model to another at the drop of a hat are going away as vendor lock-in starts to kick in, and prices increase.Once upon a time, say last month, people thought nothing of jumping from one AI frontier model to another. One week, the hottest AI model was Gemini 3.1 Pro, then it was Claude 4.6, now, maybe, it’s GPT-5.5. Next month? Who knows. That’s fine for Joe Amateur Programmer, but for Janet Pro Programmer, it’s another story. money Tokenmaxxing isn’t an AI strategy Read more You see, enterprise AI buyers face two converging problems. First, it’s proving much harder to switch between AI vendors than people expected. At the same time, AI vendors are pushing through price increases that are reshaping software economics. We always knew this would happen. AI prices have been loss leaders for years now, and the bills are finally coming due.A recent survey by AI orchestration platform provider Zapier of 542 US executives with active AI vendor contracts, found that nearly 90 percent believed they could switch AI vendors within four weeks, and 41 percent said they could do it in just 2–5 business days. Now who’s hallucinating? I’ve long thought that behind all the lip service company brass gives AI, most senior executives are completely clueless about what AI is and how to deploy it. This kind of delusional thinking is proof.“ The final paragraph in the above quote should tell you most of what you need to know. But in the more general sense the economics involved are very much against Current AI LLM and ML Systems being more “cost effective” at just about anything. Thus the question of a “shake up” is overdue… So you start to look around and find, Breaking news: “they hadn’t figured out how OpenAI would pay for it” … “NEW: When OpenAI and Broadcom announced they would make 10 GW of custom AI chips together, they positioned it as a done deal. What they didn’t say was that they hadn’t figured out how OpenAI would pay for it. Months later, the firms are negotiating an agreement for Broadcom…“ https://garymarcus.substack.com/p/breaking-news-they-hadnt-figured Opps… Back when the deal for OpenAI and Broadcom was first punted, nobody knew anything and it was “deemed as unlikely” and just more “pump the bubble up” hype. Don’t be surprised if this disappears in the near future, or in some other way does not come to fruition. Weather • May 9, 2026 6:35 PM @All https://store.steampowered.com/app/4500/STALKER_Shadow_of_Chernobyl/ Realworld dead drops and messages in a computer game. If anyone has free time to write a patch? Clive Robinson • May 9, 2026 10:36 PM @ ALL, Layoffs for AI does not create returns, it just creates vacancies and lost capabilities. Is the findings / results of an investigation by Gartner Analysts into AI and staffing reductions… It’s actually not an unexpected result based on Gartner’s earlier report showing that AI agents get office tasks wrong about 70 percent of the time… Thus going on to predict many of these AI projects will collapse by the end of 2027. Due to such factors as, 1, Rapidly rising AI related costs 2, Unclear or incorrect business value. 3, Senior management implementing inadequate risk controls. (All of which we are now seeing). In short what some would describe as “CEO driven” “Ineffective Leadership” and thus cause them to carry out appropriate steps… You can see more at, AI layoffs backfire as cutting staff doesn’t cut it, firms warned Replacing meatbags with failure prone agents isn’t the gold mine some CEOs hoped for “Bosses betting on AI to slash headcount and boost margins are discovering an uncomfortable truth: the strategy isn’t working. New research from Gartner lays out the problem in stark terms. The analyst firm surveyed 350 global businesses – all with annual revenues above $1 billion, all piloting or deploying intelligent automation – and found that around 80 percent had cut staff as a result. The returns? Elusive. Companies that reduced their workforces were just as likely to see negative outcomes or marginal gains as they were to generate any meaningful return on investment (ROI). The conclusion? Layoffs don’t create returns, they just create vacancies.“ The article[1] goes on to say, “The organizations actually seeing results are doing the opposite of cutting, they’re investing aggressively in new skills, new roles, and operating models built around humans guiding and scaling autonomous systems. Which is actually not so surprising… as long history shows, with other “staff head count cuts for budget room space” measures, such as the “Business Process Reorganisation” fad last century, “it does not work even in the short term”. Or as the article puts it, The message to the slash-and-replace crowd is you’re not just being cruel, you’re being strategically wrong.” I wonder how many C Corridor types will actually listen in time? History suggests that many will not and those businesses in their control will at best not flourish, but fail, and fail badly if not terminally often in a short time period… Something those “investing” should investigate and take on board. But also consider as I’ve oft pointed out, ultimately a businesses employees are “customers” or create “custom” for the business via “economic churn”. In an environment of cutting workforces the economy almost always goes into a downward trend, if not spiral and a recession follows. The depth of which can be such it’s difficult to stop becoming a depression or similar. The real trick for management is ensuring that their workforce remains relevant and adequately and effectively matches the actual work required for sustainability and growth, not some hype or fad being pushed by VC companies and the like. [1] Things have not been stable over at The Register over the past couple of weeks. To “the Eagle Eyed” it was clear something was happening… Apparently they have gone through a re-preen with a “site upgrade”… One result of this is some articles have in effect “popped up” or become more prominent that were previously effectively out of sight. Weather • May 10, 2026 12:14 AM @All Kallatropites you can leave behing a escaping car, its 4 nails weleded into a parmid, they can be strung together to form 100 tie spikes, from a string. It is old school but very effect against cars, and 1 second to deploy. Fot police. Nz has had 4 fertilates. But if known the criminal will use the same. Clive Robinson • May 10, 2026 6:45 AM @ Weather, Caltrops are often used as “area denial weapons” and have been used by the Persians against camels and all manner of creatures from dogs to elephants being used to pull “engines of war”. And similarly against human troops that for much of history wore traditional footwear. They are still being used by Ukrainians[1] dropping them from drones across roadways so causing Russian vehicles to become immobilised or slowed down so easier targets for “loitering munitions” A not new idea, as there have been 500lb bomb equivalents loaded with caltrops and a small explosive dispersion device triggered by a fuze that can be set for height above ground. Some modern versions are made from two metal tubes with ends cut at 45degrees to for points at either end, that also have a 120 degree bend and a hole at the mid point. When spot welded together the resulting caltrop works against all inflated tires especially those regarded as “self sealing”. If you look at photos of WWII beaches caltrops of various forms were set to stop landing craft and tanks. Simple caltrops have been made from wood and other natural materials and used in unlawful hunting on Royal and similar lands by “woodsmen” during quite a bit of feudal history. Used against both large game and those mounted on horses or wearing soft footware who tried to capture the woodsmen. The result is that in some places just possessing a caltrop was a crime punishable by death or worse… So caltrops are an old weapon that gets re-invented for use with each new type of warfare involving “boots on the ground” forces and “area denial”. [1] US article on Ukranian use of caltrops and their legality in war, https://lieber.westpoint.edu/caltrop-ancient-weapon-modern-warfare/ don’t use them on public roads, that’s potentially manslaughter or worse. if you want to get away from the police buy a dirtbike. caltrops are engineed to be negligent homicide. Clive Robinson • May 11, 2026 4:03 AM @ ALL, AI makes your bulb dim? As we should all know by now AI is at best an Environmental Disaster in the making for little or no return. But others are considering if AI use turns the lights down / out in a more personal way. We should be aware of how many singles are apparently using AI as an alternative to social interaction. But some researchers think that it is not just social but cognitive decline / dimming that is also happening… So they ran some experiments and, found evidence to suggest there may be cause for concern, AI Assistance Reduces Persistence and Hurts Independent Performance “People often optimize for long-term goals in collaboration: A mentor or companion doesn’t just answer questions, but also scaffolds learning, tracks progress, and prioritizes the other person’s growth over immediate results. In contrast, current AI systems are fundamentally short-sighted collaborators – optimized for providing instant and complete responses, without ever saying no (unless for safety reasons). What are the consequences of this dynamic? Here, through a series of randomized controlled trials on human-AI interactions (N = 1,222), we provide causal evidence for two key consequences of AI assistance: reduced persistence and impairment of unassisted performance. Across a variety of tasks, including mathematical reasoning and reading comprehension, we find that although AI assistance improves performance in the short-term, people perform significantly worse without AI and are more likely to give up. Notably, these effects emerge after only brief interactions with AI (approximately 10 minutes). These findings are particularly concerning because persistence is foundational to skill acquisition and is one of the strongest predictors of long-term learning. We posit that persistence is reduced because AI conditions people to expect immediate answers, thereby denying them the experience of working through challenges on their own. These results suggest the need for AI model development to prioritize scaffolding long-term competence alongside immediate task completion.“ https://arxiv.org/abs/2604.04721 https://ai-project-website.github.io/AI-assistance-reduces-persistence/ The question thus arises much as it did over the use of electronic calculators in schools back last century is, “Does it dim us or just alter us?” If it’s “dim us” then the age of AI supremacy etc may be closer than some think 😉 Clive Robinson • May 11, 2026 6:02 AM Split into parts due to auto-mod Part 1, @ ALL, TETRA to blame in Taiwan In the past week or so there have been a couple of major transport infrastructure outages. In the UK multiple train operators were effected simultaneously and thus we had much of the rail network South of London taken out of service due to still undisclosed “radio issues”, https://www.bbc.co.uk/news/live/c1l7eyg67v3t So far there is no reliable information on what the “radio issues” were… Clive Robinson • May 11, 2026 6:04 AM Split into parts due to auto-mod Part 2, However over in Taiwan apparantly a University student took down their bullet train network using a “SDR filter” (which looks like a “lost in translation” issue or with inept journalist/editors just making it up). However one more technically competent journalist has written an opinion piece, Taiwan’s train cyber-trauma reveals a global system that’s coming off the tracks That’s not a radio. THIS is a radio “There are three little words to make the heart beat faster in anyone who knows what they mean: critical infrastructure resilience. If you run that infrastructure or a country dependent on it, you need energy, communication and transport to be impregnable to cyber attacks. This is doubly so if that country is five minutes by incoming missile from an implacable hyper-competent enemy sworn to invade you. One that is building and equipping its military as fast as it can with this one thing in mind. One with the most invasive and brazen state hacking machinery on the planet.“ Clive Robinson • May 11, 2026 6:07 AM Split into parts due to auto-mod Part 3, OK the UK last got successfuly invaded by the Normans (French) back in 1066 and whilst we are still trying to repel invaders from France even today… The real issue is the “European Union”(EU) and how it has effective control over many international standards. Unfortunately the French have been fighting against Privacy thus Security for as long as anyone can remember. They particularly hate encryption and are trying to “backdoor” or similar every organisation globally even today, ‘https://thecodersblog.com/france-proposes-legislation-to-break-encrypted-messaging-2026/ Clive Robinson • May 11, 2026 6:11 AM Split into parts due to auto-mod Part 4, However what many do not realise is that France has quite a grip on the electro technical committees that design EU radio standards. ‘https://www.etsi.org/technical-groups/tcce/ It’s been mentioned on this blog before how the French backdoor ETSI and other standards. What has happened in Taiwan can be put down to that French behaviour, what has happened in the UK we’ve yet to find sufficient technical details to say. But we know that other EU railway networks such as Poland have been brought down due to foreign nation medaling even if a lot less sophisticated, ‘https://www.wired.com/story/poland-train-radio-stop-attack/ Thus baring in mind the “known opponent” of that attack and their current desperation, we really should take measures to improve the security of infrastructure. tea is not treason, “christian” sharia IS. Clive Robinson • May 12, 2026 6:37 AM @ ALL, The Myth of Mythos Hype… As most should know Anthropic raised the “scary scary” about Mythos and in effect invoked the Austin Powers “Too Dangerous to Live” joke based on something very very old. It turns out that the reports coming back through “glasswing” etc are not as Stella as might be hoped, especially in more stable code bases. Anthropic’s bug-hunting Mythos was greatest marketing stunt ever, says cURL creator After all that hype, AI scanner found one low-severity cURL flaw “cURL developer Daniel Stenberg has seen Anthropic’s Mythos, a model the AI biz has suggested is too capable at finding security holes to release publicly, scan his popular open source project. But after the system turned up just a single vulnerability, he concluded the hype around Mythos was “primarily marketing” rather than a major AI security breakthrough. Stenberg explained in a Monday blog post that he was promised access to Anthropic’s Mythos model – sort of – through the AI biz’s Project Glasswing program. Part of Glasswing involves giving high-profile open source projects access via the Linux Foundation, but while Stenberg signed up to try Mythos, he said he never actually received direct access to the model. Instead, someone else with access ran Mythos against curl’s codebase and later sent him a report.“ With the point being made that Mythos is not finding anything new just finding the old maybe faster (and as we know at great cost to the environment etc). Read the whole piece but note things like, “I see no evidence that this setup finds issues to any particular higher or more advanced degree than the other tools have done before Mythos.” Note that is including early LLM systems, that came with vast amounts of AI-Slop that caused the project to close it’s bug bounty programme to AI. But he goes on to make the same note I have, that really really should be obvious to every one but somehow is not, “AI tools find the usual and established kind of errors we already know about. It just finds new instances of them,” Stenberg said. “We have not seen any AI so far report a vulnerability that would somehow be of a novel kind or something totally new.” Whilst Mythos is not a “nothing burger” there are questions that are not being asked… If it gets integrated in a CI/CD pipeline where it would be most effective is right at the begining thus it will be run very frequently… “What will be the actual cost?” In terms of usage we should now know it will be immense as there is no other way there can be an ROI to the AI corps shareholders / investors… With the secondary question of, “What harm to the environment will such CI/CD use cause?” And the answers in both cases will be sufficiently immense that it will cost more than using humans… But without the bonus that humans can “reason forward” whilst Current AI LLM can only “pattern match from the past” of training data that went into the Current AI ML build. As we know each new ML build of weights cost many millions, so won’t be done very often, which means as a CI/CD tool Current AI LLM and ML Systems are going to be quite a way behind the leading edge… Which gives a significant window of opportunity to attackers not defenders. Worse skilled defenders will be considerably less numerous as they won’t get the “basic training” that leads to bringing forth the “thinking hinky” of “reasoning” that Current AI LLM and ML Systems lack… Phantom • May 12, 2026 6:55 AM I noticed http://www.schneier.com wasn’t resolving on Cloudflare’s DNS yesterday morning, 11 May GMT+10. It did resolve using 8.8.8.8. Seems fine today. Did anyone else notice it? Or have any insight about what that would have been? Subscribe to comments on this entry Leave a comment Sidebar photo of Bruce Schneier by Joe MacInnis. Ismar • May 8, 2026 5:19 PM Not sure if accessible outside Australia but it is a real treat for those wanting to know more about the top predators of the ecosystems frequented by giant squid in Western Australia https://iview.abc.net.au/show/killer-whale-australia-s-megapod/video/SC2417H001S00