NotMint: Building a Self-Hosted Finance Dashboard with Bank-Grade Security
When Mint shut down, I built NotMint -- a self-hosted finance dashboard with SimpleFIN, passkey auth, AES-256-GCM encryption, and zero-trust networking.
Read more
AI File Upload Security: Implementation Guide
A practical implementation guide for securing file upload pipelines in LLM applications. Covers AWS services configuration, sandboxed parsing setup, content disarmament, and verification procedures with specific commands and code examples.
AI File Upload Security Advisory: Untrusted File Pipeline for LLM Context
A comprehensive advisory on securing file upload pipelines for LLM applications. Covers parser exploits, prompt injection vectors, and defense-in-depth architectures based on CVE-2025-66516 and OWASP Agentic Top 10 2026.
The War on Truth: Why the Killing of Journalists Must Stop
The assassination attempt on journalist Steve Sweeney in March 2026 is not isolated but part of a documented pattern of targeting journalists who document atrocities. International law explicitly protects journalists as civilians, yet the killing continues with near-total impunity.
Why Static SBOMs Are Dead in 2026
Static SBOMs create a false sense of security. They document what you have, but not whether it was built safely, whether the build process was compromised, or whether your dependencies are still trustworthy. Here's what real hardening looks like.