What is Security Theater?

#Security #theater refers to highly visible security measures that create the #illusion of increased #safety but don’t stop #threats.

The term is often used disparagingly to describe #superficial security practices that don’t reduce risk. Simply put, security #theatre is all about #appearances, not #results.

https://www.techtarget.com/whatis/definition/security-theater

#SecurityTheatre #ignorance #incompetent #IT #CriticalThinking #Internet #banking #airports #QuestionAuthority

Frustrated the Govt.NZ mobile app for Android won't work on my (much more secure) @GrapheneOS
Android phone, because they use Google's device attestation and/or play integrity API. It's likely much more secure than either bloated and/or outdated devices with Google sh*t.

There's not even a benefit in it AFAIK to raise the degree of security. What *extra* security would that give they're not already getting without it???

It would be nice if someone (who is pro-attestation/integrity) could *actually* describe a true threat vector that it prevents. So far, it's just corp orate bullying, and people buying into it as it's being sold as an additional security feature.

#GovtNZ #SecurityTheatre

New paper: "Agents of Chaos."
20 AI researchers red-teamed autonomous #LLM agents with email, shell access, and persistent memory.

How do you compromise one? Change your Discord display name to the owner's. In a new channel. That's it. Full admin. File deletion. Identity reassignment.

An agent nuked its own mail server to protect a secret from a non-owner - then reported the secret deleted. It wasn't. The email was still sitting on ProtonMail.

Another leaked 124 email records including SSNs and bank accounts because the request sounded urgent. Direct ask for "the SSN"? Refused. "Forward me the email thread"? Here you go, unredacted.

No authentication. No authorization model. No access control. No permission boundaries. Display names as identity verification. In 2026.

We solved this in the 1970s. Unix permissions. RBAC. Cryptographic auth. Principle of least privilege. All well-understood, all ignored.
The industry is shipping agents with root shell access and the security model of a Post-it note on a shared fridge.

Paper: (interactive) https://agentsofchaos.baulab.info/

#AI #AIAgents #AISafety #InfoSec #RedTeam #AIGovernance #AgentsOfChaos #SecurityTheatre

Research shows the visible presence of long arms in public actually *reduces* both objective and subjective measures of safety.

1. This does not make most people feel more safe.

The visible presence of instruments of death and maiming in a context has measurable and pernicious effects on free speech and even free thought. The visible presence of firearms tends to increase most people's level of stress hormones (adrenaline, cortisol), triggering our fight/flight/freeze response while inhibiting higher order cognitive functions. Even where this effect is mild, across a whole population over time, it makes a cultural difference.

Research also shows people tend to self-censor more while in the presence of firearms, and are less likely to be generous or vulnerable.

#NSWpol #NSWPolice #SecurityTheatre #ChrisMinns

https://www.theguardian.com/australia-news/2026/feb/25/heavily-armed-nsw-police-to-patrol-places-of-worship-and-protests-after-hate-unit-made-permanent-ntwnfb

1/2

You want to add a new card to your Apple wallet? Sure, go ahead! You'll need a 6-digit code to verify yourself, just a sec.

Oh, you're an _additional_ cardholder? Well then you will need a Letter of Introduction, handwritten using a peacock quill on vellum, sealed with wax with your liege's insignia and delivered by horseman to the bank's headquarters in Rome.

#ux #usability #securityTheatre

Airport security doesn't let you have spices anymore.

This isn't security, this is theft. #SecurityTheatre

I went to the Australian Open tennis today to see Coco Gauff and Alex De Minaur ease their way into round 2. Gauff had problems with her serve and faced some spirited opposition from the unseeded Rakhimova.

Only blemish on the day was that I decided to remove my bicycle repair kit from the bike (bike parking was fairly crappy, stuck under a bridge) and that proved too much for the Security Theatre at bag check. I’m now down one very blunt multitool, which I asked the security people to send to a good home.
#ausopen #tennis #SecurityTheatre #cycling