For when rants trigger RCU stall detection

and my patience buffer overflows into /dev/null. The rants are technically supposed to be brief—but let’s be real, some system bugs deserve a full kernel panic’s worth of fury.

When the browser looks back

LinkedIn loads JavaScript that probes for installed browser extensions — thousands of them, including competitors’ sales tools, grammar checkers, and religious or political plugins. LinkedIn acknowledges this, but frames it as anti-scraping and abuse prevention. The question is not whether extension detection happens. It is how the results are used and stored. So the situation is not “hidden conspiracy script discovered”, it is “known technique used aggressively enough that it has triggered class actions”. ...

April 17, 2026 · 3 min

Post-incident reviews that miss the point

This is not incompetence. It is the system behaving exactly as it did before, including in the room where the review takes place.

Describing the incident instead of explaining it

Most incident post-mortems or retrospectives reconstruct the sequence of events. What happened, in what order, and what could have been done differently. Useful, but shallow. The more important question is usually skipped: what had to be true about the organisation for this to happen at all? ...

April 7, 2026 · 4 min

Ghost hunting

Most organisations are aware of this. Very few act on it. The result is a detection posture that looks busy, looks measured, and quietly fails in the places that matter. This is where breaches tend to settle in and make themselves comfortable.

A library of yesterday’s attacks

Detection engineering is usually reactive. Something happens, a technique is identified, a rule is written. Over time this builds a library of detections that reflects what has already been seen, filtered through whatever incidents and intelligence happened to reach the team. ...

April 5, 2026 · 5 min
Six digital screens floating independently in a creative, messy workspace.

CTFs that teach solving CTFs

Capture the Flag (CTF) exercises are one of the better formats security learning has produced. Participants can work at their own pace, choose what to engage with, encounter real obstacles, and get immediate feedback when something works or does not. For learning technical skills, this is close to ideal. Most CTFs do not deliver on this potential. Not because they are badly designed, but because they are designed to do something else. Many optimise for engagement, competition, or recruitment. In that context, teaching people to solve CTF challenges is not a failure. It is the goal. ...

April 3, 2026 · 6 min

Architecture reviews that approve instead of challenge

Architecture reviews exist to catch problems before they become expensive. In practice, most reviews catch a different set of problems from the ones they were designed to find, and miss a different set from the ones that will eventually cause trouble. This is not because the reviewers lack competence. It is because most architecture reviews are not designed to produce understanding. They are designed to produce alignment and distribute accountability. Once that is the function, the outcome is predictable. ...

April 2, 2026 · 5 min
UU P&L location

Announcing the UU Power & Light Simulator version 0.1.alpha: Teaching OT security without exploding any turbines

There’s a fundamental problem with learning operational technology security: the things you need to test are the things you absolutely must not break. This creates what educational theorists call “a bit of a pickle” and what facility operators call “no, you’re definitely not touching the production turbines with your laptop.” It’s rather like learning to defuse bombs. The theory is straightforward, the practice is somewhat more stressful, and mistakes tend to be memorable for everyone in the vicinity. In OT security, mistakes might not result in explosions (usually), but they can shut down production, trigger safety systems, or cause equipment damage. These outcomes are suboptimal for learning environments and remarkably unpopular with operations teams who prefer their turbines spinning at correct speeds rather than serving as expensive educational exhibits. ...

February 4, 2026 · 12 min
The patrician

Patrician's strategic intervention to building a purple-team simulator

The thing about a city that runs on light, logic, and the quiet hum of routers was that it had a peculiar sense of humour. The Scarlet Semaphore, you see, was never meant to be a threat. In a dusty attic above a curry house that did suspiciously good chips, they were a hackerspace, a guild of tinkerers. Their charter was one of curiosity, not conquest. They poked at systems to see how they squeaked, a digital version of kicking tyres. Their latest project was Operation Red Lantern, targeting the Guild Registry, a dusty, important, and frankly rather pompous piece of civic plumbing that controlled professional certifications. It was, in their view, begging for a gentle nudge. ...

January 13, 2026 · 4 min
Indigo observatory

The Indigo observatory

I am inviting you to the Indigo Observatory, a peculiar corner of the internet where current events get filtered through Discworld metaphors, and where watching the status quo maintain itself becomes both entertaining and only slightly depressing. If you are looking for breathless enthusiasm about how technology and politics are definitely getting better, it is not for you. If you want someone to point out that Lord Vetinari’s approach to governance looks suspiciously like modern Western democracies, whilst finding this observation darkly amusing, then grab a cup of tea and settle in. ...

December 7, 2025 · 6 min
A massive, exhausted turtle trudging through a surreal European city, carrying a towering heap of audit checklists, sticky notes, and cybersecurity manuals on its shell. Tiny overworked auditors run around frantically.

NIS2 compliance: The Kafkaesque burden on Europe’s companies

Europe mandates hundreds of thousands of companies to meet stringent cybersecurity standards, yet the auditor pool is woefully small.

November 26, 2025 · 4 min

Cloud-on-prem vs Big Tech

An uncomfortable truth: Every byte uploaded to AWS, Azure, or Google Cloud isn’t just data, it’s cloud capital. Coined by economist Yanis Varoufakis, the term captures how tech giants transform your digital activity into privatised infrastructure. It’s not merely about hosting files; it’s about hoarding power. And right now, the US holds the keys, turning Europe into a lodger in its digital manor. But there is an alternative: cloud-on-prem, a return to digital self-sufficiency, and European providers like Hetzner, who offer control, compliance, and a way to starve the beast. Think of it less as going backwards and more as refusing to pay rent to your colonial landlord. ...

November 4, 2025 · 6 min