Things I build, break, fix, and write about

6 July 2026
Agentic AI still needs domain judgement

Agentic AI can write the thing, but it still cannot tell you whether the thing is right. That is where domain expertise matters, because a clean config or neat bit of glue logic can still be wrong in the way that only shows up in production.

6 July 2026
Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's...

6 July 2026
wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto...

5 July 2026
Layout trade-offs in Design Engineering Magazine

Design Engineering Magazine only works if the structure holds under real reading, not just in a tidy mock-up. I care less about pretty grids than...

Latest blog posts you might like

22 June 2026
Human-in-the-loop AI pentesting for exploit paths

AI pentesting is useful when it speeds up the grunt work and leaves judgement where it belongs. I care less about noisy findings than about whether a small mistake can be chained into a working path,...

22 June 2026
Formal verification boundaries in corecrypto

corecrypto formal verification is useful right up to the point where the code stops being plain C. I trust the proof more than the marketing, but only if the compiler output still looks like the model...

22 June 2026
Weekly Tech Digest | 22 Jun 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

21 June 2026
pipe_buffer tmp_page reuse in Linux kernel

tmp_page reuse sounds neat until you try to make it behave, and then the pipe accounting starts getting in the way. I have found the useful part is usually not the obvious corruption, but the ugly...

21 June 2026
GitHub exposure of AWS GovCloud credentials

Public repos are brilliant at preserving bad decisions, and AWS GovCloud credentials are exactly the sort of thing that should never survive a commit. Once they are out, the clean-up is only half the...

20 June 2026
Hardening consumer routers against botnet abuse

Consumer routers are still being dragged into IoT botnets because the easy mistakes never went away, default logins, exposed admin pages, and forgotten services. I would rather spend ten minutes...

20 June 2026
Rotating AWS GovCloud secrets after repo disclosure

AWS GovCloud credential leakage is not a tidy mistake, it is a time problem. Once a secret hits public GitHub, I treat revocation, search, and handoff as one job, because leaving even one copy alive...

19 June 2026
Checking Proxmox VE 9.2 cluster networking before upgrade

Before I touch Proxmox VE 9.2, I make the cluster prove itself under strain, because corosync, migration, and storage paths always fail in the places you skipped. A node that looks fine at idle can...

19 June 2026
Tracking false positives after managed rule merges

Cloudflare WAF rule merge changes more than a label, and I have seen neat alerting fall apart because the detection moved, not because the noise went away. If you are counting rule IDs, you may be...

18 June 2026
Adjust rule actions when Java deserialisation detection

Cloudflare Managed Ruleset changes are rarely neat, and this one is no exception. The old Java deserialisation beta rule went quiet while the real detection moved elsewhere, which is exactly how a...