The film industry is running out of ideas. I know this because they have made 10 (20?) films about a group of people who drive cars aggressively (sometimes into space) and called it a franchise. Meanwhile, the entire cybersecurity industry is sitting here, completely unrepresented, absolutely bursting with the raw material of cinematic gold.Allow me … Continue reading Cybersecurity films that need to be made →

KB4con 2026 had Alex Honnold as a keynote speaker. He's someone who climbs extremely tall mountains with no ropes and no safety equipment. Just him, the rock, and a Wil-e-coyote style ending if anything goes slightly wrong. I have sat through a lot of conference keynotes. Former heads of state explaining that leadership is important. … Continue reading Alex Honnold and Other Keynote Choices →

Been a busy week. Stockholm is gorgeous in summer. The Ransomware Gang That Got Ransomed The Gentlemen ran their operation like McKinsey with malware. Tiered service levels, customer support, even an HR department. Then someone breached them using their own playbook. Turns out even criminal management consultants aren't immune to the fundamentals. You'd think people … Continue reading Breach of confidence: 22 May 2026 →

The Infosec Community Vibe Check is a recurring look at what the security community has been talking about across the Fediverse — primarily on infosec.exchange, mastodon.social, chaos.social, and defcon.social. This isn't a scientific survey. It's based on who I follow, what surfaced in my timeline during the reporting period, and the themes that kept coming … Continue reading Two Weeks in Cybersecurity… Still Cynical, Still Broken, Still Surprised →

I saw what might have been the coolest dog in Florida this week. Got a better photo the second time. Still not sure if that's a compliment to the dog or an indictment of Florida. They Just Log In Attackers stopped breaking in years ago. They log in as you now. World Password Day has … Continue reading Breach of Confidence 15 May 2026 →

I've been thinking about trust lately. Not in the abstract philosophical sense, but in the "who do you hand your house keys to" sense. Which is unfortunate timing, because this week's news suggests we've been handing our keys to some truly questionable characters. The Protection Racket Made Digital A DDoS protection firm got caught running … Continue reading Breach of Confidence: 8 May 2026 →

I may be in the minority, but I quite enjoyed Predator Badlands. But that's not the point. The movie follows a young Predator called Dek who reluctantly teams up with Thia, a damaged android. He only agrees because he can rationalise her as a tool rather than a companion. His code says hunt alone. But … Continue reading The Dek Principle →

I've been thinking about coal mines. How you dig a hole in the earth, extract everything valuable, leave a scar, and walk away. Then someone comes along decades later and says, what if we filled it with water and made it beautiful? Feels like a metaphor for something, but I can't quite land it. Germany … Continue reading Breach of Confidence 1 May 2026 →

There's a bloke on Twitter who spent three hours writing a passionate thread about AI ruining the internet. There was quite the debate, and someone asked if he'd ever used Grammarly. That's the whole story, really. People call AI content "slop" with contempt reserved for microwaving fish at the office. But there's plenty of human … Continue reading The Slop Problem Isn’t What You Think →

My wife is currently away, leaving me in charge of our domestic administration. I admit that I do enjoy the power trip. She asked me last night if I could pay an invoice, "the email should have details." It sounded easy enough. It's not like she was asking me to assemble an Ikea wardrobe. In … Continue reading The Tyranny of Security →