dy existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

** *** ***** ******* *********** *************

Upcoming Speaking Engagements

[2026.01.14] This is a current list of where and when I am scheduled to speak:

I'm speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada, on January 27, 2026, at 1:30 PM ET.
I'm speaking at the Universite de Montreal in Montreal, Quebec, Canada, on January 29, 2026, at 4:00 PM ET.
I'm speaking and signing books at the Chicago Public Library in Chicago, Illinois, USA, on February 5, 2026, at 6:00 PM CT.
I'm speaking at Capricon 46 in Chicago, Illinois, USA. The convention runs February 5 -- 8, 2026. My speaking time is TBD.
I'm speaking at the Munich Cybersecurity Conference in Munich, Germany, on February 12, 2026.
I'm speaking at Tech Live: Cybersecurity in New York City, USA, on March 11, 2026.
I'm giving the Ross Anderson Lecture at the University of Cambridge's Churchill College at 5:30 PM GMT on March 19, 2026.
I'm speaking at RSAC 2026 in San Francisco, California, USA, on March 25, 2026. The list is maintained on this page.

** *** ***** ******* *********** *************

Hacking Wheelchairs over Bluetooth

[2026.01.14] Researchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory.

CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range of the targeted device to pair with it. The attacker could then control the wheelchair's movements, override speed restrictions, and manipulate configuration profiles, all without requiring credentials or user interaction.

** *** ***** ******* *********** *************

Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing summaries, analyses, insights, and commentaries on security technology. To subscribe, or to read back issues, see Crypto-Gram's web page.

You can also read these articles on my blog, Schneier on Security.

Please feel free to forward CRYPTO-GRAM, in whole or in part, to colleagues and friends who will find it valuable. Permission is also granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety.

Bruce Schneier is an internationally renowned security technologist, called a security guru by the Economist. He is the author of over one dozen books -- including his latest, A Hacker's Mind -- as well as hundreds of articles, essays, and academic papers. His newsletter and blog are read by over 250,000 people. Schneier is a fellow at the Berkman Klein Center for Internet & Society at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy School; a board member of the Electronic Frontier Foundation, AccessNow, and the Tor Project; and an Advisory Board Member of the Electronic Privacy Information Center and VerifiedVoting.org. He is the Chief of Security Architecture at Inrupt, Inc.

Copyright (C) 2026 by Bruce Schneier.

** *** ***** ******* *********** *************
--- FMail-lnx 2.3.2.6-B20251227
* Origin: TCOB1 A Mail Only System (21:1/229)