Treating Your Agents as Insiders: Lessons from the GDM AI Control Roadmap
I build and think a lot about cyber agents — AI systems that read code, call tools, touch infrastructure, and increasingly do real work without a human watching every step. So when Google DeepMind published the GDM AI Control Roadmap (v0.1) (Phuong, Jenner, Simon, Ho, Shah, Farquhar & Coull, 2026), it piqued my interest. It’s the clearest articulation I’ve seen of a simple, slightly uncomfortable idea: the most useful framing for securing AI agents is to treat them as a potential insider threat — and to borrow, almost wholesale, the playbook we already use against malicious employees.
Anatomy of a Backdoor: The XZ Utils Supply-Chain Attack (CVE-2024-3094)
On Friday, March 29, 2024, a Microsoft engineer named Andres Freund sent an email to the oss-security mailing list that quietly averted what might have been the most consequential supply-chain compromise in the history of open source. He had been chasing a performance oddity — SSH logins on a Debian test system were running about half a second slower than they should have, and liblzma was burning suspicious amounts of CPU. What he found at the bottom of that rabbit hole was a deliberately planted backdoor in XZ Utils, a compression library that ships in virtually every Linux distribution on Earth.
Walkthrough: VulnHub 42Challenge — LFI to Root
A condensed walkthrough of the 42Challenge boot-to-root box from VulnHub. The fun of this one isn’t a single CVE — it’s chaining a series of small weaknesses: a client-side filter, a local file include, log poisoning, a backup file, and a little reverse engineering. The methodology generalizes well beyond this box.
Understanding BIOS Types - Legacy BIOS, EFI, and UEFI
Introduction
iSCSI Applications & Security
iSCSI (Internet Small Computer Systems Interface) is a powerful protocol that allows you to extend storage capabilities over a network. Whether you’re managing a home office setup or a full-fledged data center, iSCSI can help you integrate Network Attached Storage (NAS) devices with hypervisors like VMware ESXi. However, like any network device, iSCSI presents a number of security vulnerabilities and attack surfaces that must be considered. This guide will explore the iSCSI protocol, its applications, and various security considerations to ensure your data remains protected.
The Importance of Secure Boot
Secure Boot is a rather cryptic and opaque security setting on your computer. In most circumstances, it’s something you or your computer’s vendor will configure in your machine’s BIOS, and then forget about. Occasionally, you might be tempted to disable this setting to facilitate custom boot scenarios, install certain hardware, or perform boutique configurations to your machine. However, Secure Boot is an essential protection mechanism to help keep your computer safe from the most dangerous and sophisticated cyber security threats.
DuckDB and parquet
Here’s a great tutorial on DuckDB and parquet: Querying Parquet with Precision using DuckDB
Cloud Build Where am I??
Google Cloud Build is an amazing and powerful capability and my favorite GCP service.
Kramdown
Working on code blocks
Vmware16 Install Issue
I’m installing VMware Workstation on Linux Ubuntu 20, and had trouble with it not starting. The issue was related to Linux not being able to compile and install vmmon and vmnet kernel modules.
Dataproc, Presto and PySpark
Google Dataproc, Presto, and Jupyter
Swarm
Adding to the blog
I ended up copying some links over from my work page so I can have them out in the wild.
Rolling!
OK I’m opening this blog to help track my various activities and lessons learned. Hoping to capture good gists and also code snippets, links, and more.
You're up and running!
Next you can update your site name, avatar and other options using the _config.yml file in the root of your repository (shown below).