Comments

Clive Robinson May 27, 2026 11:52 AM

@ Bruce, ALL,

I hate to say it but it can be easily argued that,

“The victims are to blame for not taking enough precautions”

And whilst in some ways it is true, the Government and Corporations are actively, every day, in just about every way, forcing people to be victims.

Thus the question of what to do should not be,

“What do we do about cyber-crime?”

But,

“Why do we force people to be victims?”

Addressing this will reduce cyber-crime more quickly and effectively than any “go get them” agency nonsense policy that just takes more and more tax dollars pointlessly.

Look at it this way, remove “the massive amount of low hanging fruit” then the beasts who currently gorge on it will have to go somewhere else, starve, or really stick their necks out thus making easier targets of themselves…

Clive Robinson May 27, 2026 12:06 PM

@ Bruce,

You link to the WSJ with a “paywalled link”.

Are you aware that the WSJ allows “gifting links?

That give people access to just a single article?

Weather May 28, 2026 2:09 AM

@Corrupt IDEHO Judges ,All

The sad part, that wasn’t spam. Your venting in the wrong area, just because our host is cyryto does mean he’s government.

Weather May 28, 2026 2:53 AM

@All

My brother went over there for s 1500km trik, he did say most of them were on drugs. Like nz they were 10times worst.
Anyway he hated La airport.
Thanks for allowing it through.

Rontea May 29, 2026 10:54 AM

@Clive re: “The victims are to blame for not taking enough precautions”

Blaming victims for security failures is a fundamental misunderstanding of how real-world risks work. People can take reasonable precautions, but the burden of effective security shouldn’t rest solely on the individual. Complex systems, organizations, and infrastructure are responsible for creating resilient environments, because most attacks exploit systemic weaknesses rather than just personal negligence. Security that depends on perfect user behavior is not security at all.

how? May 29, 2026 1:04 PM

@Clive @Rontea

Clive’s point is that systems/environments are not resilient. I am convinced this is true, because Clive has generously explained why in thousands of contrubutions here over several years.

Rontea’s view is that organizations that operate systems/environments are responsible for their resilience. The law says maybe, since the rules work both ways. Cyber insuance is increasingly moving to “mitigate” liability, which is not the same thing as increasing resilience. An analogy: Has auto insurance made people better drivers?

Privacy is one way to be resilient, but then LEAs complain about going dark and want to ban E2EE. They do this even after Salt Typhoon and realizing E2EE is the only way to communicate securely amongst themselves.

It is a mistake to think that everyone being naked in a panopticon is some sort of Nash equilibrium.

Anonymous May 29, 2026 1:20 PM

@how?

To believe that universal exposure could ever stabilize into a Nash equilibrium is to insist on order in a void. In a world where every gaze is a blade and every soul already stripped bare, the illusion of balance only conceals the delirium of mutual surveillance. What we call equilibrium is merely the stillness of despair, the weariness of creatures who have forgotten they are being devoured by the transparency they worship.

KC May 29, 2026 9:04 PM

Really interesting that it’s the first year AI crimes have been broken out at 22,000 complaints.

“’The AI companies like to say that today’s AI is the worst AI you will ever use.

What’s also true is that these are the lowest number of AI complaints we are ever going to see,’ says Braun”

Great.

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.