Things I build, break, fix, and write about

7 July 2026
Tracing acme.sh certificate handling in TLS interception

I spent too long chasing the neat version of TLS wiretapping reconstruction, then found the mess: shell parsing, token limits, and renewal timing. The interesting bit is not the packet capture, it is the point where certificate handling quietly hands trust to something you did not mean to trust.

7 July 2026
Reverse engineering game binaries with static analysis

Game binaries give up more than they should, if you know where to look. I start with binary analysis, not the folklore around the game, then use...

6 July 2026
Agentic AI still needs domain judgement

Agentic AI can write the thing, but it still cannot tell you whether the thing is right. That is where domain expertise matters, because a clean...

6 July 2026
Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's...

Latest blog posts you might like

19 June 2026
Tracking false positives after managed rule merges

Cloudflare WAF rule merge changes more than a label, and I have seen neat alerting fall apart because the detection moved, not because the noise went away. If you are counting rule IDs, you may be...

18 June 2026
Adjust rule actions when Java deserialisation detection

Cloudflare Managed Ruleset changes are rarely neat, and this one is no exception. The old Java deserialisation beta rule went quiet while the real detection moved elsewhere, which is exactly how a...

18 June 2026
Assessing bot access control with URL Scanner API

Cloudflare URL Scanner Agent Readiness is useful because it shows where access breaks for machines, not where the dashboard looks neat. I trust it more when the score is awkward, because that is...

17 June 2026
nginx rewrite module heap corruption from escaped captures

nginx rewrite module heap corruption is one of those bugs I distrust on sight, because the failure sits in ordinary rewrite handling, not some odd corner. Once the length pass and copy pass disagree,...

17 June 2026
Tracking attack pattern detection in the Security Events

Cloudflare Managed Ruleset changes rarely arrive with much drama, which is exactly why I keep an eye on Security Events. A rule moving from beta to Block can alter the shape of the traffic overnight,...

16 June 2026
Using CONTENT_TYPE to split HTTP traffic by format

Cloudflare Radar API traffic share is one of those measures that looks tidy until you check the rules behind it. I like that; it stops you mistaking a neat chart for the truth, which is how you end up...

16 June 2026
Filter large zones in Cloudflare DNS records page

Cloudflare’s DNS records page is finally usable when a zone turns ugly, but only if you stop treating it like a flat list. I set filters, pin the useful row, and hide the clutter; otherwise I waste...

15 June 2026
Using network_id: 'cf1:network' with remote: true

I keep coming back to Cloudflare Workers VPC because the clever bit is not the binding, it is the return path. Set `remote: true` carelessly and you get traffic that looks fine on paper, then falls...

15 June 2026
Weekly Tech Digest | 15 Jun 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

15 June 2026
Use read-only access for Tunnel log streaming

Cloudflare Tunnel granular permissions are only worth having if they stay narrow. I prefer read-only access for log streaming, because diagnosis needs eyes on the connector, not a spare key to the...