-
Calif’s Bold Claims; Missing Receipts

Here we go again, more Mythos rumors and claims to unpack. I wrote a lengthy blog on Anthropic, Glasswing, and Mythos just over a month ago but this is about a very specific event and set of claims. A significant reason I am writing this is due to what I believe are poorly written headlines…
-
Noise2Signal Podcast: Which Does the Squirrel Bring?

For those not familiar, Mehul Revankar recently started a podcast named Noise2Signal. While there are a lot of podcasts out there and it is easy to lose track, this one stands out as Mehul has connections with a lot of folks that are significant in the history of information security. In fact, he interviewed Renaud…
-
Amazon Auto-buy: A Slick New Feature

For half a year now, I have been using a third-party site (Keepa) to track movie prices on Amazon (and a few other sites), waiting for them to drop to the price I will pay. New movies are often released on physical media at fairly absurd rates. Almost fifty dollars for a new release when…
-
Security vs Security Theatre; A Lesson for Abbott

Security theater, as defined by Wikipedia, “is the practice of implementing security measures that are considered to provide the feeling of improved security while doing little or nothing to achieve it.” This is a common term used by information security professionals and has been a concept for a long, long time. I recently pointed it…
-
The NVD Shell Game & Schrödinger’s Enriched Vulnerability

I know, yet another blog about the National Vulnerability Database’s (NVD) ever-changing numbers?! That’s right, and I am not talking about the changes between April 14 and 15th. The numbers changed significantly because of the way NVD displayed statistics on their dashboard before a dramatic change in their enrichment policy. At VulnCon 2026, Harold Booth…
-
The Night I Almost Died

I write a lot. Most recently it has been about information security, movie reviews, so-called AI, and a few other topics. It’s been four years since I blogged about my poor experience with Abbott’s Libre2 glucose sensor technology and all the shortcomings. Since then I have tweeted to them a considerable amount when my continuous…
-
Starfleet Academy; The Review

Starfleet Academy (SA), the latest TV show in the Star Trek line, debuted this year with a lot of fanfare and a fair share of drama. The show almost immediately hit the news with cries of it being “too woke”. The Washington Times headline called it a “woke culture war casualty” and Outkick said the…
-
Why Data From So Many Breaches Never Sees the Light of Day

Months ago I was chatting with a colleague about a recent data leak (a.k.a. data breach), as we tend to do in this industry. Those terms are defined by Microsoft as “an unauthorized disclosure of sensitive, confidential, or personal information from an organization’s systems or networks to an external party”. Any time I see an…
-
InfoSec News (ISN) Mail List History

As early as 1996, I created a mail list called InfoSec News (ISN) which initially was to share news about the industry. At the time, there were no online news sites covering the topic with any regularity and most were hobbies at best. So the original list had many articles that I had typed in…
-
An AI agent destroyed … hey wait a minute!

Yesterday many people ran across a headline that was shocking, and repetitive. This time it read “‘Gone in 9 seconds’: Claude-powered AI agent deletes startup’s entire database”. For myself, the first thing I had to do was check the date of the article because I swore I had just read about this recently. Yep, April…