Things I build, break, fix, and write about

7 July 2026
Tracing acme.sh certificate handling in TLS interception

I spent too long chasing the neat version of TLS wiretapping reconstruction, then found the mess: shell parsing, token limits, and renewal timing. The interesting bit is not the packet capture, it is the point where certificate handling quietly hands trust to something you did not mean to trust.

7 July 2026
Reverse engineering game binaries with static analysis

Game binaries give up more than they should, if you know where to look. I start with binary analysis, not the folklore around the game, then use...

6 July 2026
Agentic AI still needs domain judgement

Agentic AI can write the thing, but it still cannot tell you whether the thing is right. That is where domain expertise matters, because a clean...

6 July 2026
Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's...

Latest blog posts you might like

12 April 2026
Isolating n8n in Docker: network policies and backup

Running n8n in your homelab without proper isolation is a liability. CVE-2025-68613 lets authenticated users execute code with container privileges; if that container sits on your default Docker...

11 April 2026
Running local agentic AI coding workflows without cloud subscriptions

Running a local model means no quota walls, no token metre ticking, and no surprise bills when the agent loops through ten reasoning steps. Cloud coding assistants collapse under agentic use; local...

11 April 2026
n8n | stable

n8n 2 15 1 released: fixes Google Drive v1 infinite pagination loop, upgrade to 2 15 1, test Drive workflows, report regressions, roll back to 2 15 0 if needed

10 April 2026
Blocking residential proxy traffic with stateful firewall rules

Most home routers allow everything outbound by default, which is exactly how AVRecon persisted undetected for six years. A stateful firewall with explicit outbound rules and network segmentation...

9 April 2026
Personal health data needs local storage, not cloud

Health data inside a corporate platform means health data inside a jurisdiction you do not control, encrypted or not. Self-hosting it locally—with proper backups and audit trails—trades convenience...

7 April 2026
Stopping lateral movement in homelabs: ACLs, VLAN isolation, and process confinement

A compromised host on a flat network can reach every other node without crossing a single firewall rule. Network perimeter checks are useless if the interior is trusted by default; that is where...

6 April 2026
Air-gapped browsing in homelabs: containment without

A 48-hour gap between exploit discovery and patch deployment is normal, not exceptional. Browser isolation in your homelab is not about making the browser safe; it is about making sure a compromised...

6 April 2026
Amazon Fire TV Stick HD and 2 more Amazon tech bargains

Discover the Amazon Fire TV Stick HD and more tech deals this week.

5 April 2026
Process jails and kernel isolation for untrusted agent code

Running untrusted AI agents in standard Docker containers leaves you exposed to kernel exploits that bypass every namespace and policy you've layered on top. MicroVMs add a hardware boundary that...

3 April 2026
Using IP Reputation Data from Operation Synergia in Your Botnet Firewall Rules

Operation Synergia III sinkholed 45,000 botnet and malware IPs across 72 countries with law enforcement backing. That chain of custody makes the data worth blocking at your firewall; the catch is that...