I recently realized that the cat and mouse game of privacy is hard to play on the iPhone because of the number of options you have to keep saying yes and no to. So I decided to go with a different…

Volume 10 , Issue 22 ; 04 May 2026 Closing in on 6.1, this release exercises the new build infrastructure, mitigates a couple of Microsoft CVEs in the C# resolver, and adds support for “new” HTTP…

Sometimes on FreeBSD you need to run services that aren’t officially supported by FreeBSD, and this post actually came about because I was installing Open WebUI on my NAS – and Open WebUI…

“Fear leads to anger. Anger leads to hate. Hate leads to suffering. And centralized data architectures lead to a table called customer_revenue_final_v9_USE_THIS_ONE_SERIOUSLY.”—…

This is a writeup of my DEF CON Singapore talk that walks through vulnerabilities and exploits in M365 Copilot and Consumer Copilot. I disclosed these to Microsoft last year. MSRC assigned…

pyinfra lets you run remote commands on servers, like Ansible, but much quicker and with Python instead of YAML.

Quite some time ago I shared a script and methodology for performing a cross-architecture debootstrap in a rootless way . I had a short note on producing an image bootable in QEMU, but it was fairly…

Another wee essay I wrote for uni. This is from my criminology module and discusses genocide at the end. Critical evaluation the role of the state in preventing and/ producing harm This essay will…

In the past Oracle provided Solaris SRUs (Support Repository Updates) each month. This does change now. The types of SRUs are reduced from 3 types to 2 types. Instead of 12 SRUs per year we will see…

Introduction This chapter explains how to create and deploy a simple SONiC-based Clos topology in WSL using Containerlab. First, we open VS Code from WSL to create and edit a topology definition…

IoT Supply Chain Protection Case Study : Use Shadow-Box-For-Arm and PATT for Firmware Integrity Assurance Project Design Purpose : This article will introduce a proof-of-concept (POC) case study…

Welcome back to the weekly digest about the Cybersecurity & Threats in the wild. Below you will find a very subjective summary of Cybersecurity events for the prior week. 1.Deep#Door Stealer:…

How much VRAM does your LLM need, and which GPU should you actually rent? A free calculator covering DeepSeek, Llama, Mixtral on H100, B200, A100.

So I switched to a regular old github repo rather than using Nekoweb's Git, and I configured Deploy2nekoweb. What a blast.

Contents The Efergy Engage Hub False Starts Fake Efergy Server Hacking the Receiver Hub Software Defined Radio OmniOS the pain Compiling Passing a USB device to a zone rtl_433 Bonus Round: Wait What…

A few months ago I wrote about the new calculus of AI-based coding, how 10x velocity gains require corresponding investment in testing, deployment, and coordination, or the bottleneck just moves.…

Yesterday I got scammed on a P2P crypto trade. Or at least someone tried to. Here’s what happened and how I managed to get Revolut to side with me. What happened I took a sell order on RoboSats…

Josh and David finish up the disaster recovery and emergency planning trilogy. In this one David tells us how to test the plan he told us how to build in the last episode. There are some great ideas…

A fictional scenario about what AI changes for cloud security, written because the technical version of the argument doesn't land with anyone except engineers.

Production is ransonware encrypted. The board wants a head. Let's play.

Anthropic’s Claude Security scans codebases for vulnerabilities and generates patches using Opus 4.7, following Project Glasswing’s discovery of thousands of zero-day flaws across every major OS and…

Cilium leaves behind BPF maps, iptables rules, and CNI config that survive pod deletion and even node reboots. Here’s how to fully remove it.

How services like TinyURL, Bitly, and goo.gl turn long links into 7-character codes and serve billions of redirects a day - You paste a 200-character link into a tweet. Twitter wraps it in t.co/....…

I was poking around the OpenSSL source code recently. Not really hunting for anything specific (one of the most heavily audited codebases), just curious about how the new post-quantum crypto stuff…

This is the post we never want to make, where we made errors with our previous ISO release and are having to take steps to fix the issue, including releasing an updated ISO. Over the course of April,…

Ever since Mozilla killed its GPS location service , GPS hasn’t been very accurate for me on Linux. The system on linux that handles location on many linux systems is called Geoclue , and this system…

Supply chain attacks are becoming more and more widespread these days. Since Clyde lets you install apps freshly published by their original authors, it could propagate a rogue release. A simple way…

Term: 1 Year. NRC: $10K. Delivery: 8 to 10 weeks. A pt: SG1. Z pt: LA1. Remark: No Bifrost provider currently offers 10G waves.

How to write reusable middleware for Rust Lambda functions using tower, the generic middleware engine that already underpins the AWS Lambda Rust runtime. Includes a complete DynamoDB-backed IP rate…

Kyun reviewed

This article shows how to secure an OData Service using Attribute-based Access Control

Seems reasonable to say that AI is in a railway mania bubble, the kind where there is too much hype for a technology that actually has decisive long-term value. But if so, where's the decentralised…

Around 8 years ago I purchased a Synology NAS which has been working great since. I only had a power supply failure, which could be easily replaced. Drives have been running smoothly without any…

“Intelligence” is an overloaded concept in that the term may refer to a variety of items, actions, and deliverables. Attempts to define intelligence have existed for decades, and for a seemingly…

Yesterday many of you in India may have received the test alert with your phone going off in vibration and sound mode from the Govt. It got me to look up the tech stack that enables this. I wanted to…

I keep coming back to the wave of companies that made infrastructure feel easy, and what coding agents are doing to the layer of convenience they were quietly selling.

Build your own golden Ubuntu Server image with root on ZFS using the subiquity installer's autoinstall feature.

In October 2026 the Key-Signing Key of the DNS Root Zone will rolled to a new value. Can we measure how well DNS Resolvers that perform DNSSEC validation are prepared for this change in the trusted…

So like a week ago I broke npm on my computer and I have no clue how to fix this. This is a problem because I use eleventy to compile my website and this blog, and that is a node package. I actually…

Generate keys, configuration, test

Table added for Privex and 99stack

ops we downloaded to much

For some reason, running Claude Code directly on the remote server is either slow or unreliable. I prefer having a local development environment, but all changes get synchronized to the remote server…

A brief guide to network and cybersecurity in New Zealand, covering threats, defences and how telcos and agencies protect critical infrastructure.

I have a pre-installed pool heat pump - an “AcquaSource” branded unit, the kind you can buy at any pool store in Europe - which supports WiFi. The App called “Pool Panel” wasn’t pretty, but it worked…

Modern software development terrifies me for many reasons, but more than anything what terrifies me the most is the massive dependency supply chain. Almost daily I hear about some new NPM package…

Reversing fairplay_lib_x64.dll, the native behind mcsrfairplay, the Minecraft speedrun integrity mod.

I can never remember how to set up a Raspberry Pi. Every time I flash an SD card, I end up searching for the same wifi configuration, the same SSH setup, the same boot options. During my recent…

There was recently a really good thread about the Copy Fail vulnerability between Will Dormann and Greg K-H. The TL;DR is that vulnerability reporting and disclosure is in a weird state of flux. This…

Moving from on-prem to cloud changed the tooling, speed, and scaling model, but not the core laws of systems design. Capacity, latency, state, failure handling, and topology still matter just as…