MalChela v4.1 is out today, and the headline is something I’ve been wanting to tackle for a while: dedicated Mac malware analysis tooling. If you’ve been following the channel or the…

No business is too small to attract cybercriminals. In fact, small and medium-sized businesses (SMBs) are often more appealing targets for ransomware than large, established enterprises. Limited…

Shipyrd started as a Kamal-first tool. You'd add the shipyrd-gem hook to your deploy.yml, and Kamal would ping Shipyrd at the start and end of each deploy.At the end of the day, though, Shipyrd…

I have a new book out, Don’t Get Hacked! Protecting Yourself at Home. It’s released under a Creative Commons license, so it’s freely sharable and redistributable. I’m working…

I have an EV Switch AC7000 EV charger installed at home and it’s integrated into Home Assistant via the OCPP integration. It’s kind of annoying if you want to update the firmware - as the only real…

The Ekubo automated market maker infrastructure project experienced a $1.4 million theft after attackers were able to take advantage of a smart contract that improperly verified permissions. They…

When most people think about solar power in the UK, they picture a huge installation project involving scaffolding, installers, roof surveys, and a bill running into the thousands of pounds. But…

Some great news: I’m pleased to announce that both Dell and Lenovo have agreed to be premier sponsors for the Linux Vendor Firmware Service (LVFS) as part of our new sustainability effort. Over 145…

Staff from mailbox provider GMX/WEB.DE/mail.com (1&1 Mail & Media GmbH) have just announced on the Mailop list that they'll begin enforcement of DMARC checks in a phased rollout over the coming…

Why telemetry explodes into cost and noise, and how to fix it: treat every signal as a decision, not exhaust, and govern ownership before it's too late.

QEMU Qemu is pretty awesome. Here is an example of how to virtualize a windows guest under linux: qemu-system-x86_64 \ -cpu -enable-kvm \ -m 8192 \ -drive…

In this old post I have demonstrated how to abuse forfiles.exe to run your ‘cmd.exe’ of choice. There is one more trick we can do with this tool. When forfiles.exe enumerates the files it…

A reference post for system configuration

I host my open-source projects on Codeberg. But out of respect for this excellent service, I don't want to clutter it with one-off piles of code and stuff I don't take seriously. Also, I wanted to…

Runner Dock operating report Snapshot as of 2026-05-06 09:01 BST / 08:01 UTC. Recommendation: CEO should approve the first warm-intro target set, choose the agent-readable mailbox path, and keep the…

Resilient Cyber Prep: Karl McGuinness The host’s framing is already aligned with your thesis: we built AuthN/AuthZ for human-paced execution; agents remove presence, pacing, and natural…

Notes on how mDNS is prioritized on the .local top-level domain.

If you’ve been building anything with agents in the past year, you already know the shape of the problem even if you haven’t named it: you’ve got a model in one cloud, a vector…

The handful of local.conf knobs that make Yocto builds usable, and the failure modes each one buys you in return.

It’s with great pride and pleasure that the Incus team is announcing the release of Incus 7.0 LTS! Incus is a modern system container, application container and virtual machine manager. It’s released…

Networking has long been my Achilles heel. I know the very basics, but the more complex areas of networking have been a bit puzzling to me. By the time I figured out how IPv4 works, I found IPv6 and…

Background Imagine you need to move terabytes or petabytes of large files from AWS S3 to Azure Blob Storage, and that too with Reliability & High Throughput The naïve approach (download the whole…

While I certainly like my Linux laptop, a HP OmniBook Ultra Flip, one problem I had with Fedora 44 is an extremely unreliable keyboard after resuming. Running Rocky Linux on my servers, I installed…

Signed-off-by: Stefano Brivio Reviewed-by: Laurent Vivier

Surprising results comparing memory usage of X and Wayland terminals.

When a crime scene has no physical address, investigators face a labyrinth of overlapping jurisdictions, conflicting laws, and technical challenges that traditional forensics never prepared them for.

tl;dr: plox is a canonical encoding of the did:plc directory, stored in an atproto PDS. as of may 2026 at://cerulea.blue/blue.cerulea.plox.bundle is taking up 35 GB on disk ( zstd -compressed; ≈80 GB…

Signal is end-to-end encrypted in the sense that the keys are end-to-end. Whether you got the right keys is a different question, and almost nobody asks it. Safety numbers on Signal exist because, in…

Most AI infrastructure picks one of three: SaaS-central (one vendor’s database, one row per customer, one dashboard, infinite tenancy risk), self-hosted local (you keep everything, you also keep the…

I keep my entire Nix config in a public repo. Dotfiles, packages, shell setup, everything. But I also need my SSH and GPG keys on every machine I use. Storing private keys in a public repo is…

There are ways to do voice AI without being traumatized by WebRTC.

time for another Sun Ray blog post! I've had a few people email me asking for help setting up a Sun Ray server over the last few months, and despite my attempts to help them get it going there's been…

Use Rosetta to run Terraform as x86_64 on Apple Silicon and avoid provider checksum mismatches.

Deptool is a new declarative configuration deployment tool that I built for myself. In this post I describe the design, and I explain what problems it solves.

Vercel's deepsec wraps Claude and Codex with scanning, revalidation, exports, and optional Sandbox fanout.

Subscribe to Google Calendar's secret iCal feed from any calendar app. Keep your Google account out of macOS and iOS. Worked example for Apple Calendar on Mac, iPhone, and iPad.

In the previous post we gave superpowers to the harness in the form of a bash tool. Even doing it just for the learning experience, it was already very eye-opening. It made this little Swift harness…

Keys.openpgp.org Breaks Your Keys This article will be presented in the form of a rant... Keys.openpgp.org is a PGP keyserver on the internet. It's somewhat popular and is the default keyserver for…

Revision No. 1093, commit 7649f6c. “grub: Persist previous menu choice between reboots” View changelog since the last revision as [ diff HEAD~1...HEAD][2] The verbosity factor of this document…

Lightyear's Telecom Operating System automates procurement, inventory management and expense management for enterprise network connectivity. Their NFD40 demo showed why buying bandwidth shouldn't…

Farewell “Designer Vulnerabilities”, and hello Vulnerability Garden 🪴 — the new (and improved) space for cataloguing all named vulnerabilities, attack techniques and exploits. When I first started…

A practical AI governance overview for organisations that are either rushing into AI or panicking over every new feature. This post explains why strong fundamentals, identity, device security,…

I.F.S. = Incredibly Fucking Stupid TL/DR: 5,000 workstations are hit with a surprise reboot in the middle of the morning because the policy says “Audit mode only” and the documentation…

MDR started as a practical answer to a very real problem: customers had too many security alerts, too few security operators, and no realistic way to staff a strong 24/7 security operations center…

Storm Reply and AWS present a serverless AWS pipeline for extracting clinical entities from German healthcare documents, combining Textract, Claude Sonnet, Medical Comprehend, and Claude Opus —…

Stop fighting with MQTT brokers and zero-hop limits. The Flaresat Relay Bridge instantly connects your off-grid Meshtastic mesh to anyone online in seconds. Get real-time, bidirectional sync for live…

Unencrypted secrets on developer workstations and long-lived credentials in continuous integration environments have long been considered bad practice. But they have often been tolerated because the…

AI can produce a competent-looking post-incident review from a Slack transcript. The document itself was never the point, though; the real learning happens while writing it, not reading it. AI should…

I've added a new format for use with RPZ, which returns NXDOMAIN responses instead of 127.0.0.1. ...

Problem statement: An ArgoCD application’s sync operation is stuck in Terminating for hours. The web UI shows operation is terminating due to timeout. A PreSync hook resource keeps appearing as…