Technical Writing
Tech Blog
Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.
The Model Isn't the Risk. The Harness Is (Part 3): Defending Against Runtime Abuse
Part 3 of 3. Practical defender guidance, a vendor due-diligence checklist, the final conclusions, and appendices - including a condensed attack tree and a reflection on what this analysis changes about AI security research.
The Model Isn't the Risk. The Harness Is (Part 2): Mapping the Trust Boundaries and the Attack Tree
Part 2 of 3. Five trust boundaries mapped in the leaked Claude Code runtime — and the attack tree that shows how they tear. Credential translation, control-plane abuse, state desync, and why prompt injection is not the whole story.
The Model Isn't the Risk. The Harness Is (Part 1): The Leak, the Context, and the Framework
Part 1 of 3. The Anthropic Claude Code source map leak — why the real story isn't the secrets that weren't there, it's the architecture that was. Introducing the three-phase methodology and what Phase 1 Recon revealed.
OID-See v1.1.0: External Identity Posture, iOS Support, and New Auth Methods
OID-See v1.1.0 adds JWT parsing and external identity posture, a universal graph view with iOS support, eight cross-tenant filter presets, new scanner authentication methods, and a fully Web Worker-backed architecture.
Self-Hosting Umami on Netlify + Azure: What I’d Do Differently (and Why Your Database Probably Isn’t the Problem)
A deep dive into deploying Umami with Netlify and Azure PostgreSQL, covering Prisma quirks, CSP pitfalls, cold start behaviour, cost trade-offs, and what I’d do differently next time.
Synthetic Authority and Constrained Probabilism: What Overloaded Minds Teach Us About AI
From Milgram to cognitive overload to modern agent systems, none of this is new. We are rediscovering decades of psychology the hard way - at machine speed.