@[email protected]
2K Followers
1.5K Following
265 Posts
I do Cloud Security
Websitehttps://www.cirriustech.co.uk/
LinkedInhttps://uk.linkedin.com/in/graham-gold
GitHubhttps://github.com/goldjg
Ko-Fihttps://ko-fi.com/cirriustech
 19h ago

The problem isn’t the model.

It’s the workflow.

If you’ve ever found yourself on turn 15, fixing a fix of a fix, watching cost go up and confidence go down, this will feel familiar.

I stopped trying to prompt my way out of it and started structuring the work instead.

https://cirriustech.co.uk/blog/agile-agentic-development-lifecycle/

Sculpting with Agents: From Prompting to the Agile Agentic Development Life Cycle (AADLC)

How cost pressure, structured baselines, clean context, and multi-model orchestration led to a practical agentic SDLC.

CirriusTech | Serious About Tech
 1d ago
Chief TWiT 1d ago

Well this is concerning.

I just suspended 14 Russian LLM generated bot accounts that were created around April 17 on my Mastodon instance, twit.social. Somehow they circumvented manual registration approval. I've turned on Captchas (much as I hate them) for new member requests in the hopes that will stop the bots. They must have discovered a registration bypass bug.

Thanks to IFTAS SW-ISAC for noting and reporting the bots.

Show thread 3d ago
Root cause: User
Contributing factors: sneeze event + dual-wielding hot beverages
Impact: one (1) hand, slightly ventilated
Mitigation: solid first aid, ring removed, escalation planned
Status: stable, pending stitches
 3d ago
Ooooops
 4d ago

https://cirriustech.co.uk/blog/copy-fail-mitigation-testing/

Copy.Fail: When the Kernel Trusts Too Much
A deep dive into CVE-2026-31431 -- a Linux kernel primitive that turns containers into stepping stones, and why seccomp might be your fastest seatbelt.

Copy.Fail: When the Kernel Trusts Too Much

A deep dive into CVE-2026-31431 -- a Linux kernel primitive that turns containers into stepping stones, and why seccomp might be your fastest seatbelt.

CirriusTech | Serious About Tech
 Apr 26

We all understand water.
Until we don’t.

Tagging @adamshostack because I link to his work :)

https://cirriustech.co.uk/blog/elemental/

EleMENTAL

We all understand water. Until we don’t. A reflection on foundations, assumptions, and why security fails in ways we don’t expect.

CirriusTech | Serious About Tech
 Apr 24
Goodnight Stockholm, we barely knew ye
 Apr 24
“Block Rogue Nations” using IP Geolocation - the fallacy that keeps persisting. If it can be proxied, replayed, or rewritten, it’s not identity - it’s context. Lessons we keep needing to teach (guess who is playing in China? UK telco roaming is backhauling and proxying through UK infrastructure without me needing to VPN to access stuff China blocks 😂)
Show thread Apr 23
Assuming not cyber related but @GossiTheDog may know?
 Apr 23
Deep joy