This is a very weird story about how squid stayed on the menu of Byzantine monks by falling between the cracks of dietary rules.

At Constantinople’s Monastery of Stoudios, the kitchen didn’t answer to appetite.

It answered to the “typikon”: a manual for ensuring that nothing unexpected happened at mealtimes. Meat: forbidden. Dairy: forbidden. Eggs: forbidden. Fish: feast-day only. Oil: regulated. But squid?

Squid had eight arms, no bones, and a gift for changing color. Nobody had bothered writing a regulation for that. This wasn’t a loophole born of legal creativity but an oversight rooted in taxonomic confusion. Medieval monks, confronted with a creature that was neither fish nor fowl, gave up and let it pass.

In a kitchen governed by prohibitions, the safest ingredient was the one that caused the least disturbance. Squid entered not with applause, but with a shrug.

Bonus stuffed squid recipe at the end.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

from Schneier on Security https://ift.tt/O1sF2Ap

We may earn a commission from links on this page. Deal pricing and availability subject to change after time of publication.

If old-school Atari games like Pac-Man, Centipede, and Asteroids unlock a deep childhood nostalgia for you, check out the My Arcade Atari Gamestation Go. This handheld gaming device is packed with 200 games and is currently on Woot for an all-time low price of $129.99 (originally $179.99).

My Arcade Atari Gamestation Go

$129.99 at Woot

$179.99 Save $50.00

$129.99 at Woot

$179.99 Save $50.00

CNET praised the devices “crazy array of controller options,” though it cautioned that some games you might remember fondly have actually aged quite poorly.

While there aren’t detachable controllers, the 7-inch screen is bigger than the original Nintendo Switch, and it has the classic D-pad and shoulder buttons as well as a rotating dial, a physical number pad, and a trackball wheel. It comes with a sturdy kickstand, an HDMI port, three USB-C ports, a headphone jack, and a micro-SD slot for side-loading games. Although you can update the system via built-in wifi, you can’t buy or download additional titles on an app store, limiting you to the pre-loaded games.

While nostalgia is the main draw of this rechargeable console, keep in mind that performance and pacing might feel different if you’re used to modern games on contemporary consoles, reminding us that not all early games have aged well. That said, there are still a ton of options to choose from that will likely include your favorites, making the My Arcade Atari Gamestation Go worth it for classic gaming enthusiasts, especially at $50 off.

Our Best Editor-Vetted Tech Deals Right Now

Apple AirPods 4 Active Noise Cancelling Wireless Earbuds — $119.00 (List Price $179.00)

Samsung Galaxy S26 Ultra, Unlocked Android Smartphone + $200 Gift Card, 512GB, Privacy Display, Galaxy AI, AI Camera, Super Fast Charging 3.0, Durable Battery, 2026, US 1 Year Warranty, Black — $1,299.99 (List Price $1,499.99)

Samsung Galaxy Buds 4 AI Noise Cancelling Wireless Earbuds + $20 Amazon Gift Card — $179.99 (List Price $199.99)

Google Pixel 10a 128GB 6.3" Unlocked Smartphone + $100 Gift Card — $499.00 (List Price $599.00)

Apple iPad 11" 128GB A16 WiFi Tablet (Blue, 2025) — $329.00 (List Price $349.00)

Apple Watch Series 11 [GPS 46mm] Smartwatch with Jet Black Aluminum Case with Black Sport Band - M/L. Sleep Score, Fitness Tracker, Health Monitoring, Always-On Display, Water Resistant — $329.00 (List Price $429.00)

Amazon Fire TV Soundbar — $99.99 (List Price $119.99)

Deals are selected by our commerce team

from Lifehacker https://ift.tt/jgV2EaG

OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US government towards some of the wealthiest titans of the big tech industry, and the overhanging specter of the existential risks posed by a new technology powerful enough that the Pentagon claims it is essential to national security. At issue is Anthropic’s insistence that the US Department of Defense (DoD) could not use its models to facilitate “mass surveillance” or “fully autonomous weapons,” provisions the defense secretary Pete Hegseth derided as “woke.”

It all came to a head on Friday evening when Donald Trump issued an order for federal government agencies to discontinue use of Anthropic models. Within hours, OpenAI had swooped in, potentially seizing hundreds of millions of dollars in government contracts by striking an agreement with the administration to provide classified government systems with AI.

Despite the histrionics, this is probably the best outcome for Anthropic—and for the Pentagon. In our free-market economy, both are, and should be, free to sell and buy what they want with whom they want, subject to longstanding federal rules on contracting, acquisitions, and blacklisting. The only factor out of place here are the Pentagon’s vindictive threats.

AI models are increasingly commodified. The top-tier offerings have about the same performance, and there is little to differentiate one from the other. The latest models from Anthropic, OpenAI and Google, in particular, tend to leapfrog each other with minor hops forward in quality every few months. The best models from one provider tend to be preferred by users to the second, or third, or 10th best models at a rate of only about six times out of 10, a virtual tie.

In this sort of market, branding matters a lot. Anthropic and its CEO, Dario Amodei, are positioning themselves as the moral and trustworthy AI provider. That has market value for both consumers and enterprise clients. In taking Anthropic’s place in government contracting, OpenAI’s CEO, Sam Altman, vowed to somehow uphold the same safety principles Anthropic had just been pilloried for. How that is possible given the rhetoric of Hegseth and Trump is entirely unclear, but seems certain to further politicize OpenAI and its products in the minds of consumers and corporate buyers.

Posturing publicly against the Pentagon and as a hero to civil libertarians is quite possibly worth the cost of the lost contracts to Anthropic, and associating themselves with the same contracts could be a trap for OpenAI. The Pentagon, meanwhile, has plenty of options. Even if no big tech company was willing to supply it with AI, the department has already deployed dozens of open weight models—whose parameters are public and are often licensed permissively for government use.

We can admire Amodei’s stance, but, to be sure, it is primarily posturing. Anthropic knew what they were getting into when they agreed to a defense department partnership for $200m last year. And when they signed a partnership with the surveillance company Palantir in 2024.

Read Amodei’s statement about the issue. Or his January essay on AIs and risk, where he repeatedly uses the words “democracy” and “autocracy” while evading precisely how collaboration with US federal agencies should be viewed in this moment. Amodei has bought into the idea of using “AI to achieve robust military superiority” on behalf of the democracies of the world in response to the threats from autocracies. It’s a heady vision. But it is a vision that likewise supposes that the world’s nominal democracies are committed to a common vision of public wellbeing, peace-seeking and democratic control.

Regardless, the defense department can also reasonably demand that the AI products it purchases meet its needs. The Pentagon is not a normal customer; it buys products that kill people all the time. Tanks, artillery pieces, and hand grenades are not products with ethical guard rails. The Pentagon’s needs reasonably involve weapons of lethal force, and those weapons are continuing on a steady, if potentially catastrophic, path of increasing automation.

So, at the surface, this dispute is a normal market give and take. The Pentagon has unique requirements for the products it uses. Companies can decide whether or not to meet them, and at what price. And then the Pentagon can decide from whom to acquire those products. Sounds like a normal day at the procurement office.

But, of course, this is the Trump administration, so it doesn’t stop there. Hegseth has threatened Anthropic not just with loss of government contracts. The administration has, at least until the inevitable lawsuits force the courts to sort things out, designated the company as “a supply-chain risk to national security,” a designation previously only ever applied to foreign companies. This prevents not only government agencies, but also their own contractors and suppliers, from contracting with Anthropic.

The government has incompatibly also threatened to invoke the Defense Production Act, which could force Anthropic to remove contractual provisions the department had previously agreed to, or perhaps to fundamentally modify its AI models to remove in-built safety guardrails. The government’s demands, Anthropic’s response, and the legal context in which they are acting will undoubtedly all change over the coming weeks.

But, alarmingly, autonomous weapons systems are here to stay. Primitive pit traps evolved to mechanical bear traps. The world is still debating the ethical use of, and dealing with the legacy of, land mines. The US Phalanx CIWS is a 1980s-era shipboard anti-missile system with a fully autonomous, radar-guided cannon. Today’s military drones can search, identify and engage targets without direct human intervention. AI will be used for military purposes, just as every other technology our species has invented has.

The lesson here should not be that one company in our rapacious capitalist system is more moral than another, or that one corporate hero can stand in the way of government’s adopting AI as technologies of war, or surveillance, or repression. Unfortunately, we don’t live in a world where such barriers are permanent or even particularly sturdy.

Instead, the lesson is about the importance of democratic structures and the urgent need for their renovation in the US. If the defense department is demanding the use of AI for mass surveillance or autonomous warfare that we, the public, find unacceptable, that should tell us we need to pass new legal restrictions on those military activities. If we are uncomfortable with the force of government being applied to dictate how and when companies yield to unsafe applications of their products, we should strengthen the legal protections around government procurement.

The Pentagon should maximize its warfighting capabilities, subject to the law. And private companies like Anthropic should posture to gain consumer and buyer confidence. But we should not rest on our laurels, thinking that either is doing so in the public’s interest.

This essay was written with Nathan E. Sanders, and originally appeared in The Guardian.

from Schneier on Security https://ift.tt/PaCkVIR

TikTok is entertaining, addictive, and full of hidden features that can make the experience way more enjoyable—not to mention safer. Because for all its charms, TikTok is something of a privacy nightmare. The app's ownership recently shifted from Chinese company ByteDance to the TikTok USDS Joint Venture, a new entity backed by Oracle's Larry Ellison, private equity firm Silver Lake, and UAE-based investment firm MGX, a change that raised plenty of eyebrows when it was announced in January 2026, and may have you thinking twice about how it's using your data.

When it comes to hacking your TikTok feed, you probably already know the surface-level tricks: adding automatic captions, holding down to play at 2x speed, or tapping "Not interested" to nudge the algorithm. Let's go deeper, with 10 TikTok hacks you might not know about.

There's a way to view your TikTok watch history

Finding a TikTok via the search bar is famously painful. If you didn't like or save the video, you can consider it gone forever...unless you use this little-known trick to actually see your own watch history. Go to the search bar on your For You feed, type a single period (.) and hit search. You'll see an option to “view your watch history.” From here, you can even filter by date, if you remember roughly when you watched the video you're looking for. This is huge.

Credit: Meredith Dietz

Long-press the share button to quickly send a TikTok to your top friends

Instead of going through the full share menu, you can simply press and hold the share (arrow) button while watching a video. Your top four contacts will appear instantly, letting you send with one tap. Note: TikTok's idea of who makes it into your "top four" may surprise you, and it's not entirely transparent about how it determines who counts as one of your closest connections.

Enable clear mode in TikTok for a cleaner watch experience

To strip away the like buttons, comment icons, and other UI clutter from a video, long-press on the screen while watching and select Clear Display. Alternatively, pinch the screen with two fingers and move slightly outward to toggle the same mode. Press X or swipe to the next video to exit clear mode. This trick is particularly great for screenshots, or when you want to get a better view of the video without the interface in the way.

Drop an emoji react in TikTok without opening comments

Press and hold the comment box to send a quick emoji reaction without pulling up the full comments section. It's faster, though if you ask me,  the comments section is crucial to the full TikTok experience. Some of the best content on the internet lives in the replies. 

Reset your TikTok For You feed's algorithm  

Stuck in a content rut? TikTok has a way to wipe your feed and start fresh:

• Tap Profile at the bottom right

• Tap the three-line menu (top right)

• Go to Settings and privacy

• Select Content preferences

• Tap Refresh your For You feed

• Tap Continue to confirm

Your feed will repopulate with a clean slate of broader, less personalized content.

Save a TikTok as a Live Photo for your iPhone Lock Ccreen

Love a video so much you want to see it every time you lock your phone? Or do you want to prank a friend who left their phone in your hands? On iPhone, open any video in TikTok, tap the Share (arrow) icon, and select Live Photo from the bottom row. The video will save to your Photos app. To then use it as a lock screen wallpaper:

• Open the Live Photo in the iPhone Photos app

• Tap Share → Use as Wallpaper

• Or go to Settings → Wallpaper → Choose a New Wallpaper and select it from your library

Force-press your lock screen and your TikTok video will play as a live photo. This is useful if you really, really like someone's fan edits of your favorite character.

Opt out of TikTok's data collection

TikTok collects a lot. If you’re going to use the app, there isn’t really a way to get around the privacy nightmare completely. Still, in the settings, you can limit what it does with your data:

• Turn off targeted ads outside of TikTok

• Disable using off-TikTok activity for ad targeting

• Turn off location tracking within the app

• Stop contact syncing

You can also go to your phone's system Settings → TikTok and revoke location permissions at the OS level. This is usually a more reliable route than trusting in-app controls.

Stop TikTok from suggesting your account to others

Two layers here, and you need both: In TikTok settings, you should turn off syncing for contacts and Facebook friends. But the real hack is to also go into your phone's settings and revoke TikTok's contacts permission entirely. Otherwise TikTok may still be able to match your account to people who have your number saved, even with in-app syncing off.

Use hidden hashtags to reach the right audience

Ready to post something yourself? Hashtags tell TikTok's algorithm what your video is about, but a wall of hashtags in your caption looks messy and may actually confuse the algorithm. But you can hack it with two cleaner approaches:

• Use SEO-based terms, shrink them small, and flick them off-screen in the caption editor.

• Post your video, then immediately add hashtags as your very first comment.

Whichever method you choose, stick to 3–5 hashtags that directly relate to your content, mixing specific, broad, and trending tags. More isn't better here, since it can dilute your content.

Boost your own engagement

The secret to engaging an audience of your own is to actually be engaging, and to engage back with others. For instance, replying to comments with video responses boosts reach more than typing a reply does. But to make sure you’re posting something that gets a comment in the first place, use the three-hook rule to keep viewers watching past the first second:

• Text hook. Put descriptive text on-screen that tells viewers exactly what this video is about.

• Verbal hook. In your voiceover or talking-head intro, explain why they should stick around.

• Visual hook. Do something visually compelling immediately. Always open with your most exciting footage, even if you circle back chronologically.

Finally, capitalizing on trends does help, but I promise you don't have to dance to trending sounds—just add a popular song to the background of whatever you're already filming to ride its algorithm boost. 

from Lifehacker https://ift.tt/cwHI84i

The only thing Pixel users love more than the lock screen's Now Playing widget is talking about the Now Playing widget. Whenever I'm out and about with my Pixel and there's music playing, I'll always take a sneaky look at the lock screen, and yes, it'll have identified the song. It's magical. But until now, that's where the magic stopped.

What if you want a list of all the songs the widget recognized while you were at your local cafe? What if you want to save a song or play it in YouTube Music? Or even trigger the music search manually? Until now, that wasn't really possible. Now, Google has chosen to bring this functionality to a dedicated app, as part of its March Pixel Drop.

How to find your Now Playing listening history on Google Pixel

First, start by downloading the Now Playing app from the Google Play Store. At launch, it might ask you to download the latest software update and come back in a couple of hours. Once I installed the update, I was in.

To use the app, you'll need to enable the background feature that scans for music. If it's disabled, you'll be prompted to enable it before you can use the app (you'll be taken to where you can toggle it on).

Credit: Khamosh Pathak

The app opens to a history view, and you'll be glad to know that all the songs your Pixel's Now Playing widget previously recognized will all be here. The list can be pretty detailed. For me, it was over 100 songs long.

You can do more than look at your history, too. Tap the three-dot Menu button next to any song to listen to it on YouTube Music, add it to your Liked Songs, add it to a playlist, or add it to a Favorites section (which you can visit using the heart icon in the bottom toolbar).

Credit: Khamosh Pathak

Head over to the Settings section up top, and you'll find an option for Connected music service. You can change your default music service here. Sadly, the only options available right now are YouTube and YouTube Music, but hopefully this means Google will add options for Spotify and Apple Music in future updates. Other than that, the Settings screen is quite bare. You can tap the Clear History button if you want to get rid of all your previously recognized songs, but that's about it.

How to manually scan for songs using the Now Playing app

Credit: Khamosh Pathak

Beyond seeing a history of songs, the advantage of having a dedicated Now Playing app is that you can search for a song even if the widget doesn't automatically detect it. Open the Now Playing app and switch to the Live tab at the end. Then, tap the big Music button to start recognizing the song (if you've ever used Shazam, this should be familiar). In a second, the app will recognize the song, and you'll see a full-screen preview for it.

The Now Playing app also supports Quick Settings controls, one of my favorite ways to trigger shortcuts and utilities on Android. To add the Now Playing control to your Quick Settings, open the notification drawer, switch to the Quick Settings panel, and tap the Edit button. Find and add the Now Playing control. Now, the next time you want to find out what you're listening to, just open the Quick Settings panel, tap the Now Playing control, and wait as the app does its thing.

from Lifehacker https://ift.tt/ZICBFh6

Software security has reached an inflection point as AI development tools increase the volume and velocity of software releases, while AI is also powering the next generation of threat actors driving attack volume and sophistication to new heights.

For security teams, this is not just acceleration – it is multiplication: more apps, more releases, and more opportunities for attackers. The challenge is no longer protecting just flagship applications but securing all Android and iOS releases without slowing development or adding friction to delivery workflows.

Digital.ai announced the LLM-enhanced Digital.ai Quick Protect Agent v2, the latest version of its application hardening solution for mobile apps.

Powered by AI and built on the principle that security must be automated and embedded into existing pipelines, Quick Protect AI expands post-build protection across Android and iOS applications, making it easier than ever to deliver trusted, secure applications in an AI-world. With this release, Digital.ai also deepens integration between Application Security and Digital.ai Testing, giving teams a practical way to ensure applications are both secure and high quality.

As AI accelerates malware creation, app cloning, and reverse engineering, mobile applications have become one of the fastest-growing attack surfaces for enterprises. Every new app release is a potential entry point into core business systems. Development teams are under pressure to move faster, while security teams are under pressure to reduce risk, widening the gap between speed and protection, and exposing the limits of checkbox compliance approaches to mobile security.

“As we enter the age of agentic software development and delivery, delivery pipelines and attacks are both moving faster and at greater scale,” said Derek Holt, CEO of Digital.ai. “Quick Protect AI leverages the power of AI along with more than a decade of application security experience to close the gap by letting teams secure Android and iOS apps in minutes. With this release, we are making security accessible to all organizations by reducing the need for specialized skills and ensuring that every app that should be protected, can be protected.”

Digital.ai Quick Protect AI delivers enterprise-grade mobile app protection post-build, helping organizations defend against reverse engineering, tampering, and runtime attacks—while keeping development pipelines fast, predictable, and developer-friendly. Key enhancements in this release include:

AI-Powered Post-Build Protection for Android and iOS – Quick Protect AI automatically applies production-ready security controls after the build process for both Android and iOS apps, eliminating the need for source code changes or manual configurations.

Targeted code-aware protection across mobile apps – Quick Protect AI analyzes application code to pinpoint the most sensitive components and obfuscates only those areas. The result: better protection for Android and iOS apps with less impact on performance.

Integrated protection and testing in the CI/CD – Quick Protect AI connects app hardening directly to Digital.ai Testing, enabling automated validation of performance, functionality, and accessibility within existing CI/CD workflows.

With LLM-enhanced Quick Protect Agent v2, Digital.ai removes the traditional tradeoff between speed and security, enabling teams to harden, test, and ship mobile applications through a single, automated workflow without disrupting existing delivery processes.

This release reinforces Digital.ai’s mission to make enterprise-grade application security practical and scalable for every development team and application through the power of AI. With Digital.ai’s automated app hardening and integrated testing, organizations can reduce mobile risk, protect intellectual property, and deliver secure digital experiences at the pace of modern software delivery.

from Help Net Security https://ift.tt/a5LRH4v

Tufin announced its latest AI-powered innovations, enabling customers to utilize its Unified Control Plane to accelerate issue resolution, reduce operational friction, and limit risk – even as network complexity continues to grow.

Security teams face pressure to move faster while maintaining a secure network environment. The complexity of the network makes it harder and harder to keep tabs on where potential problems are and opens up opportunities for attackers using advanced AI tools to take advantage of the situation. In response, enterprises have turned to AI solutions for help.

In Deloitte’s recent “The State of AI in the Enterprise” report, a quarter of enterprise leaders say “…that AI is having a transformative effect on their companies – more than double from a year ago.” In fact, as OpenAI found in its “The State of Enterprise AI” report, that transformative effect is real, as “…75% of workers report that using AI at work has improved either the speed or quality of their output.”

TufinAI-powered solutions empower organizations to use AI to meet these enterprise challenges head-on, accessing insights, answering critical questions, and taking action using natural-language tools, all without relying on manual processes or specialized solution expertise.

By using AI to make it easier for teams to access and understand their network’s security posture, potential vulnerabilities and points of attack can be revealed, enabling better-informed decisions to be made at a speed that matches or exceeds that of attackers. Better network data leads to quicker response times, proactive actions, and continuous network protection.

“At Tufin, we’re dedicated to eliminating the historically accepted tradeoff between security, customization, and ease-of-use,” said Shay Dayan, Tufin’s SVP of Products and Engineering. “The combination of advanced AI-powered tools with our Unified Control Plane helps teams simplify network security operations, remove friction from workflows, and scale without additional resources. As network complexity grows, it is our job to accelerate AI innovations that can make it easier to understand and manage.”

Four new AI-powered assistants have been launched, covering rules, devices, compliance exceptions, and access requests. Built on the company’s embedded AI engine, TufinAI, these innovations are designed to accelerate network security operations, simplify intricate workflows, and improve operational efficiency across on-premises, cloud, and hybrid environments.

In addition, today the company also announced the launch of the TufinAI Executive Dashboard, which provides the answer to the long-time industry issue of static, fixed and “one-size-fits-all” security dashboards.

Tufin’s latest AI-powered innovation enables users to use natural-language prompts to customize the data incorporated and presented, making it easy to answer key questions including, “are we secure?” or “where are we at risk?”

Expanding the TufinAI assistant portfolio

Tufin continues to expand its portfolio of AI-powered assistants, each designed to eliminate common operational bottlenecks and streamline day-to-day security tasks. In addition to its successful TufinMate AI assistants for IT, SOC, and Network Security Engineers, the following new AI assistants have been added:

TufinAI Assistant Rule Search enables teams to quickly locate and understand relevant security rules using natural-language queries. It helps teams to collaborate faster and speed decision-making.

TufinAI Assistant Device Search allows users to instantly find devices and related policy context, on their networks, without having to navigate complex interfaces. This assistant helps teams to troubleshoot faster and reduce manual inventory filtering.

TufinAI Assistant for Unified Security Policy (USP) Exception Search helps teams rapidly identify, view, and analyze compliance exceptions within an organization’s master network security policy. This assistant simplifies rule exception management, reduces risk, and improves overall security policy hygiene by identifying policy violations and security gaps more efficiently.

TufinAI Assistant Access Request allows users to request network access changes and provide additional information via natural-language prompts. Change requests and approvals are automated, saving time and making the process more efficient.

The combination of TufinMate with these new TufinAI assistants help security teams work faster, reduce manual effort, and make more confident, risk-aware decisions, regardless of role or level of expertise.

Total visibility with the TufinAI Executive Dashboard

Tufin’s new TufinAI Executive Dashboard addresses a longstanding challenge in security operations: static, one-size-fits-all reporting that fails to meet the needs of different teams and stakeholders.

Tufin now makes it possible for any user to create customized dashboard views using natural-language prompts, eliminating the need to engage a company’s development team in a time-consuming process and speeding time-to-value.

By dynamically shaping insights around each team’s specific KPIs, the dashboard provides real-time visibility into security posture, risk, and change impact across today’s hybrid environments.

Key use cases include:

• Security posture visibility and risk assessment
• Incident investigation and response
• Change impact analysis and approval acceleration
• Audit and compliance reporting with executive-ready views
• Operational monitoring at scale, as environments grow and evolve

By eliminating manual reporting and fixed views, the dashboard helps teams detect issues faster, prioritize high-risk changes, improve audit readiness, and increase confidence for both security leaders and executives.

from Help Net Security https://ift.tt/uAKiY82