The Smartness Tax: Hidden Costs of Over-Engineered Code
The most sophisticated code in your codebase might be the most expensive to maintain. Here's why deleting clever components often improves everything.
Read more
Farewell to the Blog - The Site Is Shutting Down
After publishing here for months, I'm moving my writing to X. Here's why and where to find me going forward. I've been writing on this blog for a long time. Long enough that the posts span different eras of how I thought about security,
Oil Refinery Explosions 2026: The Global Infrastructure Campaign Nobody Is Talking About
Ten refineries destroyed in 21 days across four continents. All reported as unrelated accidents. Here is what the pattern reveals and what you can actually do about it.
Why 'Check the URL' Is Broken Advice: Homograph Attacks in 2026
Homograph attacks have been known for two decades, yet they still fool even security-conscious users. The problem isn't awareness. It's that checking URLs visually exploits a fundamental mismatch between how computers see characters and how humans see them.
The Economics of Ransomware: Why Paying Ransoms Often Costs More Than Recovery
What if the ransom you negotiate today funds the attack that takes your business offline tomorrow? That's the paradox at the heart of ransomware economics. When organizations face an active incident, the pressure to pay feels overwhelming. Executives see the ransom demand, do the math, and conclude that