Skip to content
← home

tag

#hot-takes

69 posts

Short-form takes — quick reactions and sharp one-liners.

Hot Takes

You get to choose your hard

Being known for what you're against is easy. Being known for what you're for is hard. You get to choose…

10 Jul 2026 · 1 min read
Hot Takes

It's con season

It's con season — Black Hat, DEF CON, and the summer security-conference circuit are nearly here. The best research of the year…

09 Jul 2026 · 1 min read
Hot Takes

Find it and fix it

A fun exercise: run various models against deliberately vulnerable apps, and eval them on their ability to identify the vulns and effectively patch them…

08 Jul 2026 · 1 min read
Hot Takes

Prompt-injection bumper stickers

Prompt injection is climbing out of the chat box and into the physical world. Print an adversarial instruction big enough for a camera to…

07 Jul 2026 · 1 min read
Hot Takes

Words mean things

If the AI era teaches you anything, let it be the lesson that words mean things.…

06 Jul 2026 · 1 min read
Thinking

The top five turtles in a stack of 50

AI defense and code review get the funding, but hospitals still run XP and Ivanti falls over weekly. The security industry is ignoring 45 of its 50 turtles.…

02 May 2026 · 1 min read
Thinking

Cryptographically enforced disclosure

A speculative proposal: cryptographically enforced vulnerability disclosure using a drand-triggered dead-man switch to make CVD fallback dates unbreakable.…

01 May 2026 · 1 min read
Security

Peacetime cyber versus wartime cyber

Cyber defense doctrine was built during 15 years of peacetime; the transition to wartime and austerity demands a rewrite of what we accept as polite.…

30 Apr 2026 · 1 min read
Security

AI isn't the problem — asymmetry is

AI isn't the security problem — it widens the asymmetry between vulnerability discovery and remediation, putting attack capability in many more hands.…

27 Apr 2026 · 1 min read
Security

Mythos feels a lot like Snowden

Mythos is to vulnerability awareness what Snowden was to surveillance: the moment the zeitgeist finally caught up to what insiders already knew.…

26 Apr 2026 · 1 min read
Hot Takes

Security-focussed test/fix is basically “sparkling QA”

A short reaction to Firefox's claim that AI-found defects are finite: security-focused test-and-fix is basically QA wearing a fancier hat.…

25 Apr 2026 · 1 min read
Thinking

We don't have a slop problem.

The real security problem isn't AI slop — it's that vulnerability research and the broader industry can't prioritize what actually matters in the noise.…

24 Apr 2026 · 1 min read