• You say Kah-say-ah, I say Kuy-see-ya, let’s call the whole thing off

    You say Kah-say-ah, I say Kuy-see-ya, let’s call the whole thing off

    Just to clarify all the things, here are what you should take away from the REvil Kaseya exploit: Kaseya was working on a patch for a properly disclosed vulnerability and doing everything right until someone else found out there was a vulnerability and then it was all over. We don’t have proof the exploit was […]

  • Gogol it (some gogolesque notes on legitimate cloud service abuse)

    Gogol it (some gogolesque notes on legitimate cloud service abuse)

    Does that traffic to commercial public cloud services and web-based applications seem legitimate to you? Bad actors are abusing the shit out of cloud services: Google Docs, Google Forms, Discord, and others, concealing their badness in TLS and the reputation of big cloud brands. This post is an ongoing notebook on both found abuses of […]

  • No. No, you can’t.

    No. No, you can’t.
  • The things we carry

    The things we carry

    If you live at all, you have traumas and losses and scars. Some you get over, some you grow from, and some can haunt you for the rest of your life or pop up unexpectedly when you hear a name or a sound or a phrase, or when you see something that reminds you of […]

  • A random observation on structural and actual racism

    A random observation on structural and actual racism

    I recognize that some people have lived their lives without actually witnessing systemic racism, or even reflecting upon what systemic racism means. And there are clearly blessed, privileged people have never considered how the system that protects their privilege could oppress people who don’t look like them. Some of these people respond with fear and […]