
Posts by Mark Manning

Idk how many times I've installed Obsidian at this point. I think at least 25. Only to uninstall no more than 5 days later.

5 days ago 1 0 0 0

I'd rather see a heads up to ham fisted amateurs like me to just not.

5 days ago 0 0 0 0

I get very frustrated when I feel like I can see a really different future of infosec and yet at the same time I'm fiddling with legacy paradigms and old thinking.

There are two types of security teams right now, legacy and forward looking. Which teams have you seen that are turning the corner?

2 weeks ago 1 0 0 0

By the way, we just published another privilege-escalation CVE in ingress-nginx: github.com/kubernetes/k...

🚨 This will be the final, final release. Please migrate off ingress-nginx as soon as possible. 🚨

3 weeks ago 10 5 0 0

Reminder to pay attention to all those things calling themselves a sandbox. Especially looking at you "docker sandbox".

3 weeks ago 0 0 1 1

The irony that a k8s seccomp generation tool had an overly restrictive seccomp policy _on itself_ causing it to crash and not generate seccomp profiles, is a fantastic example of the problem. Thanks.

3 weeks ago 4 1 1 0

Yeah, but does your city have...

4 weeks ago 2 0 0 0

I use a couple of investment vehicles for this. By that I mean the school buses filled with gold doubloons buried in my back yard

1 month ago 1 0 1 0

A quick video of the current home of Rochester 2600. Thanks to Forrest. Not shown here: The earthquake button that simulates what it would be like working for a tech company in San Francisco.

1 month ago 0 0 0 0
Jason Snitker - "Parmaster" Memorial Service - Feb 28, 2026 (YouTube video by Deb Kavaler Wysopal)

🕯️ Par’s Memorial 🕯️
Link below.

Please watch the CHAT video in the description.

Rest in peace, Jason Snitker
Legend. Always.

youtu.be/0qMRIZWCrJw?...

1 month ago 13 12 2 3

I always exhaust myself putting together a talk and the cycles are always the same:
* I have a good idea
* Write out talk for idea
* I hate my idea
* Smash head against keyboard, write dozen new tools, hack previous slides to shambles, throw gibberish placeholders into a new deck
* ...
* Present

1 month ago 3 0 0 0

Rule #608: It's handy to have a local mirror of a random swath of 3000 container images for emergencies.

1 month ago 1 0 0 0

Also if you understand this you know it doesn't matter. 😁

1 month ago 0 0 0 0

Seccomp container profile bypass: runc casts your seccomp's errnoRet to int16 before passing it to libseccomp.

errnoRet=65536 > int16(0) > SCMP_ACT_ERRNO(0) > kernel returns 0 errors == syscall goes from blocked to allowed

1 month ago 1 0 1 0
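
The narrowing described in the post above, as an added example (not the poster's code and not runc's): a small Go linter that reads an OCI-style seccomp profile and reports every `errnoRet` or `defaultErrnoRet` whose value changes when converted to int16. The sample profile is constructed, and the type and function names are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed sample profile (not from the post); 1 is EPERM.
const sampleProfile = `{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[
 {"names":["ptrace"],"action":"SCMP_ACT_ERRNO","errnoRet":1},
 {"names":["mount"],"action":"SCMP_ACT_ERRNO","errnoRet":65536},
 {"names":["bpf"],"action":"SCMP_ACT_ERRNO","errnoRet":40000}]}`

// Hypothetical minimal subset of the OCI runtime-spec seccomp schema.
type rule struct {
	Names    []string `json:"names"`
	ErrnoRet *uint64  `json:"errnoRet"`
}
type profile struct {
	DefaultErrnoRet *uint64 `json:"defaultErrnoRet"`
	Syscalls        []rule  `json:"syscalls"`
}
type finding struct { Where string; Declared uint64; Truncated int16 }

// auditProfile reports errno values that do not survive an int16 conversion.
func auditProfile(raw []byte) ([]finding, error) {
	var p profile
	if err := json.Unmarshal(raw, &p); err != nil {
		return nil, err
	}
	var out []finding
	check := func(where string, v *uint64) {
		// Same narrowing the post describes: 65536 becomes 0.
		if v != nil && uint64(int16(*v)) != *v {
			out = append(out, finding{where, *v, int16(*v)})
		}
	}
	check("defaultErrnoRet", p.DefaultErrnoRet)
	for i, s := range p.Syscalls {
		check(fmt.Sprintf("syscalls[%d] %v", i, s.Names), s.ErrnoRet)
	}
	return out, nil
}

func main() {
	findings, err := auditProfile([]byte(sampleProfile))
	fmt.Println(findings, err)
}
```

Running such a check in CI or admission control rejects a profile before any runtime has a chance to narrow the value.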

I need to hear this as much as anyone: In 2026, nobody will care if you were right

1 month ago 0 0 0 0

And after all these years it still has a "banged-together-in-a-weekend" vibe which is nice that it stays true to its roots.

1 month ago 1 0 1 0
ALT: a man with sweat running down his face looks at the camera

Present in front of 1000 people. No biggy. Present in front of the guy that wrote AppArmor.

1 month ago 2 0 0 0
Inside the story of the US defense contractor who leaked hacking tools to Russia | TechCrunch The former boss of a U.S. hacking tools maker was jailed for selling highly sensitive software exploits to a Russian broker. This is how we first learned of his arrest, reported the story, and some of...

NEW: For months, I’ve been working on the story of Peter Williams, the former U.S. defense contractor who stole several hacking tools and then sold them to a Russian broker.

Here’s what we know about the case, what we still don’t know, and a peek behind the scenes at how I reported this story.

1 month ago 37 29 1 1

Please submit all Cries For Help as a Jira ticket and a member of our team will triage and then ignore you within 5 business days.

1 month ago 1 0 0 0

It's been a while since I've been working on some stuff and went "it would be even better if this had its own domain..."

1 month ago 1 0 0 0
GitHub - beelzebub-labs/azazel: eBPF-powered silent observer for containerized runtimes, built for malware analysis sandboxes and Agentic AI monitoring.

I have a visceral reaction to this stuff because we are repeating history. Keep them coming. The corpus grows.

github.com/beelzebub-la...

1 month ago 2 2 0 0

I'm pretending that all the spelling mistakes I make are just to prove my doc was written by a humman

1 month ago 0 0 0 0
BSidesSF 2026: 📕 Sandboxes, Seccomp, and Syscalls: Chas... View more about this event at BSidesSF 2026

My talk "Sandboxes, Seccomp, and Syscalls: Chasing Isolation in Kubernetes" was officially accepted for @BSidesSF! Pretty excited about this. See you there? sched.co/2E1hS

1 month ago 2 1 0 0

My BSidesSF talk was accepted! I've always had a lot of respect for this con so I'm excited to be chosen. Details aren't out yet but I still get really psyched and nervous for talks like this. LFG

1 month ago 6 0 1 0

Good morning Vitamin D deficiency. Where's the Andrew Huberman protocol for when you haven't seen the sun in 3 months and your country is collapsing. Zinc?

1 month ago 1 0 0 0
CFP – BSides Buffalo

The @bsidesbuffalo.bsky.social CFP is still open through March. You should submit that talk idea that you have. Reasons why:
* It'll be an even better idea once you write it down
* You're going to kick yourself in a month for not submitting
* You're smarter than you think

www.bsidesbuffalo.org/cfp/

1 month ago 0 1 0 0
Security researcher finds 287 Chrome extensions leaking data : Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says

"A security researcher has identified 287 Chrome extensions that allegedly exfiltrate browsing history data for an estimated 37.4 million installations"

Recipients: data brokers like Similarweb. Roughly 1% of Chrome users affected. Just don't use extensions 😢
www.theregister.com/2026/02/11/s...

1 month ago 8 9 1 0

find . -name "web*" > /dev/null 😠🤜☁️

1 month ago 1 0 0 0
WebMCP is available for early preview  |  Blog  |  Chrome for Developers WebMCP aims to provide a standard way for exposing structured tools, ensuring AI agents can perform actions on your site with increased speed, reliability, and precision.

Stop putting "web" in front of everything and baking it into my browser please. share.google/g1BLx3vSyC1z...

1 month ago 1 0 1 0

I swear to god if you kids don't stop talking about Brownian Ratchets I'm turning this car around!

1 month ago 0 0 0 0