Things I build, break, fix, and write about

8 July 2026
Local DNS proxy now preserves DNSSEC records

Cloudflare One Client for Windows now leaves DNSSEC records alone, which is exactly the sort of change I like, because it stops the client quietly meddling with answers. I have seen enough broken name resolution to know that a neat tunnel can still hide a messy DNS state.

8 July 2026
Cloudflare One Client for macOS DNS search suffixes

Cloudflare One Client for macOS can make a short hostname behave very differently, and most of the pain sits in the suffix list rather than DNS itself...

7 July 2026
Tracing acme.sh certificate handling in TLS interception

I spent too long chasing the neat version of TLS wiretapping reconstruction, then found the mess: shell parsing, token limits, and renewal timing. The...

7 July 2026
Reverse engineering game binaries with static analysis

Game binaries give up more than they should, if you know where to look. I start with binary analysis, not the folklore around the game, then use...

Latest blog posts you might like

24 June 2026
GitHub source code exposure via third-party tooling

GitHub source code exposure rarely starts with the platform itself, it starts with something trusted too much. I care less about the headline breach than the awkward bit underneath, where a...

24 June 2026
Data exfiltration signs from signed Setup.exe flows

Signed `Setup.exe` did not fool me for long, because the runtime behaviour was wrong from the start. The interesting bit in cloud environment exfiltration is usually the small `.config` file beside it...

23 June 2026
Hardening ig build against command injection

Inspektor Gadget OCI images sound harmless until a build value slips into shell syntax and the pipeline starts executing it for you. I prefer build steps that stay boring, because once they stop being...

23 June 2026
Prototype pollution in Adobe Acrobat PDF code paths

Prototype pollution in Adobe Acrobat PDF code paths is not a neat edge case, it is what happens when privileged JavaScript trusts the wrong shape of data. I keep coming back to the same point,...

22 June 2026
Human-in-the-loop AI pentesting for exploit paths

AI pentesting is useful when it speeds up the grunt work and leaves judgement where it belongs. I care less about noisy findings than about whether a small mistake can be chained into a working path,...

22 June 2026
Formal verification boundaries in corecrypto

corecrypto formal verification is useful right up to the point where the code stops being plain C. I trust the proof more than the marketing, but only if the compiler output still looks like the model...

22 June 2026
Weekly Tech Digest | 22 Jun 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

21 June 2026
pipe_buffer tmp_page reuse in Linux kernel

tmp_page reuse sounds neat until you try to make it behave, and then the pipe accounting starts getting in the way. I have found the useful part is usually not the obvious corruption, but the ugly...

21 June 2026
GitHub exposure of AWS GovCloud credentials

Public repos are brilliant at preserving bad decisions, and AWS GovCloud credentials are exactly the sort of thing that should never survive a commit. Once they are out, the clean-up is only half the...

20 June 2026
Hardening consumer routers against botnet abuse

Consumer routers are still being dragged into IoT botnets because the easy mistakes never went away, default logins, exposed admin pages, and forgotten services. I would rather spend ten minutes...