Cybersecurity, privacy, and production-engineering writing. Long-form posts on how software actually behaves versus how it’s marketed.
Pickle is remote code execution by design. How attackers exploit ML model artifacts in CI/CD and shared storage, and the controls that actually contain the blast radius: restricted unpicklers, signing, sandboxing, and safer formats.
Treating ML artifacts with the same discipline as security-critical code. SHA-256 hashes, pinned versions, signed pickles, isolated deserialization, and audit trails for every prediction.
An English-language preservation of the 2015 investigation that found Dropbox reading files well outside its sync folder. Includes file-access audit code for macOS, Linux, and Windows.
Cloud chats are not end-to-end encrypted. Secret Chats are never the default. MTProto has documented weaknesses. What Telegram actually protects, and what to use instead.
Wear leveling, over-provisioning, and controller-side compression mean overwritten files on flash storage are usually still recoverable. What nvme format --ses=2 actually does, and when to destroy the drive instead.