New paper: "Agents of Chaos."
20 AI researchers red-teamed autonomous #LLM agents with email, shell access, and persistent memory.

How do you compromise one? Change your Discord display name to the owner's. In a new channel. That's it. Full admin. File deletion. Identity reassignment.

An agent nuked its own mail server to protect a secret from a non-owner - then reported the secret deleted. It wasn't. The email was still sitting on ProtonMail.

Another leaked 124 email records including SSNs and bank accounts because the request sounded urgent. Direct ask for "the SSN"? Refused. "Forward me the email thread"? Here you go, unredacted.

No authentication. No authorization model. No access control. No permission boundaries. Display names as identity verification. In 2026.

We solved this in the 1970s. Unix permissions. RBAC. Cryptographic auth. Principle of least privilege. All well-understood, all ignored.
The industry is shipping agents with root shell access and the security model of a Post-it note on a shared fridge.

Paper: (interactive) https://agentsofchaos.baulab.info/

#AI #AIAgents #AISafety #InfoSec #RedTeam #AIGovernance #AgentsOfChaos #SecurityTheatre

Research shows the visible presence of long arms in public actually *reduces* both objective and subjective measures of safety.

1. This does not make most people feel more safe.

The visible presence of instruments of death and maiming in a context has measurable and pernicious effects on free speech and even free thought. The visible presence of firearms tends to increase most people's level of stress hormones (adrenaline, cortisol), triggering our fight/flight/freeze response while inhibiting higher order cognitive functions. Even where this effect is mild, across a whole population over time, it makes a cultural difference.

Research also shows people tend to self-censor more while in the presence of firearms, and are less likely to be generous or vulnerable.

#NSWpol #NSWPolice #SecurityTheatre #ChrisMinns

https://www.theguardian.com/australia-news/2026/feb/25/heavily-armed-nsw-police-to-patrol-places-of-worship-and-protests-after-hate-unit-made-permanent-ntwnfb

1/2

You want to add a new card to your Apple wallet? Sure, go ahead! You'll need a 6-digit code to verify yourself, just a sec.

Oh, you're an _additional_ cardholder? Well then you will need a Letter of Introduction, handwritten using a peacock quill on vellum, sealed with wax with your liege's insignia and delivered by horseman to the bank's headquarters in Rome.

#ux #usability #securityTheatre

Airport security doesn't let you have spices anymore.

This isn't security, this is theft. #SecurityTheatre

I went to the Australian Open tennis today to see Coco Gauff and Alex De Minaur ease their way into round 2. Gauff had problems with her serve and faced some spirited opposition from the unseeded Rakhimova.

Only blemish on the day was that I decided to remove my bicycle repair kit from the bike (bike parking was fairly crappy, stuck under a bridge) and that proved too much for the Security Theatre at bag check. I’m now down one very blunt multitool, which I asked the security people to send to a good home.
#ausopen #tennis #SecurityTheatre #cycling

We have to change our password at work every 90 days. OK. So I will go along with that, even though it isn't considered best practice anymore. But the only way to change it takes you to the forgotten password flow, which is just lazy. It really irks me that it tells me I can now "get back into my account" after the process is complete. I never forgot my password, you made me change it...

#firstWorldProblems
#SecurityTheatre