That QR Code Changed Its Mind After You Scanned It
Why QR codes are not URLs, why mutability is the killer property, and how parking meter stickers, quishing campaigns, and wallet drainers all exploit the same....
The Fan Was the Only Alert That Worked
How CVE-2025-55182 (React2Shell) cryptojacked a forgotten Raspberry Pi running an unpatched Next....
The QR Code Industry Is a $13 Billion Shakedown
The QR code generator industry charges subscription fees for an open standard that takes three lines of code to implement....
The E-Signature Audit Trail Is Theater
The e-signature industry has conflated legally valid with cryptographically provable for 25 years. Courts are beginning to notice the difference, and so should you....
Your AI Doesn't Deserve Your Trust Yet
How to architect AI trust with deterministic guardrails: Pydantic validators, Redis kill switches, and OAuth scopes....
The Quantum Computing Threat to Crypto Is Overblown
Quantum computing won't break cryptocurrency for 15-30 years. Meanwhile, social engineering, bridge exploits, and insider threats stole $3.4 billion in 2025....
The Browser Is Your Best Security Sandbox
Modern browsers run untrusted code from millions of sources daily and contain threats successfully....
Watching a Friend Get Hacked in 1987
A 1987 BBS breach taught me about trust models, intrusion detection, and why security-through-obscurity always fails eventually....
Most Security Breaches Don't Matter
The security industry profits from fear. Most breaches have minimal impact while companies overspend on exotic threats....
My Web Crawler Crashed a Server at Los Alamos
How a homemade web crawler in 1993 crashed a Los Alamos server, the birth of robots.txt, and why AI companies are breaking the web etiquette that held for 30 years....
I Solved Spam in the 90s (Nobody Cared)
In the 1990s, I built RUM (Real User Mail) - a challenge-response system to fight spam. It worked. I never released it. Years later, the industry reinvented it....
The ASR Privacy Paradox
ASR systems need training data. Training data contains sensitive audio. How federated learning solves the conflict between ML requirements and privacy laws....