Colan Schwartz

@colanschwartz
29 Followers
25 Following
161 Posts

Founder of @backupscale, Fractional CTO, Enterprise Cloud Architect, & SaaS/PaaS/IaaS Consultant. 🇨🇦

Interests: Cloud Architecture, Automation, Security, Privacy and Startups.

Webhttps://colan.pro/
LinkedInhttps://www.linkedin.com/in/colanschwartz/
GitLabhttps://gitlab.com/colan
LocationToronto, Canada
Colan SchwartzMay 29

Should we allow Claude Code write access to our Gitlab/Github/AzureDevOps/etc. projects, or just provide a read-only access token?

#gitlab #claudecode #ai #llm #trust #devops #cloudarchitecture #cloudcomputing

Yes, we trust the tool and can work much faster
15%
No, it's too risky, and it could corrupt/lose data
85%
Poll ended at .
Colan SchwartzMay 20
For the curious, the proper way to do this is to have a wiki page with links to entries in, e.g., AWS Secrets Manager, which has authentication & authorization.
https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/
#CISA #AWS #GovCloud #CyberSecurity #DataLeak #InfoSec #GitHub #CloudSecurity #DevSecOps
CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security

Colan SchwartzApr 25
While not specific to AI, it's a good point about infrastructure-as-code portability. Basically, your only cloud-specific resources should be network, firewall, and cluster. Everything else: Kubernetes
https://techstrong.ai/ai-infrastructure/the-ai-golden-handcuffs-why-kubernetes-is-your-only-insurance-against-infrastructure-lock-in/
#IaC #Kubernetes #ai #terraform #vendorlockin #Cloud #portability
The AI Golden Handcuffs: Why Kubernetes is Your Only Insurance Against Infrastructure Lock-In

Kubernetes helps reduce AI vendor lock-in by enabling portable infrastructure strategies amid growing GPU scarcity and cloud dependency.

Techstrong.ai
Colan SchwartzApr 25
iPhone users: Install this update
https://arstechnica.com/tech-policy/2026/04/apple-stops-weirdly-storing-data-that-let-cops-spy-on-signal-chats/
#apple #iPhone #signal #vulnerability #security #infosec #cybersecurity #e2ee #surveillance
Apple stops weirdly storing data that let cops spy on Signal chats

Signal “very happy” Apple fixed bug storing private chats after app was deleted.

Ars Technica
Colan SchwartzApr 23
If your web browser has to authenticate web sites it connects to, why can't your phone authenticate cellular towers it connects to? Can't this be baked into the protocol?
https://www.theglobeandmail.com/business/article-toronto-police-charge-three-in-sms-blaster-scam-text-operation/
#sms #infosec #cybersecurity #toronto #Canada #cybercrime #smsblasters #certificates
Toronto police charge three in ‘SMS Blaster’ scam-text operation

Police say it’s the first time the portable devices used to mimic cellphone towers have been detected in Canada

The Globe and Mail
Colan SchwartzApr 17

@protonprivacy : Some Lumo AI ideas:
1. I shouldn't have to tell it that Web Search is already on.
2. Please add a "Deep research" option.
3. Would be helpful to anticipate related issues in responses.

Please keep up the great work!
#lumo #proton #ai #chatbot #privacy #e2ee #encryption #chatgpt
https://proton.me/lumo

About Lumo, the privacy-first AI assistant | Lumo by Proton

Lumo helps you stay productive and private. As a privacy-first AI assistant, Lumo protects you with Proton's no-logs policy and zero-access encryption.

Proton
Colan SchwartzMar 8
Sounds like a great idea if it helps fund operations, right?
https://apnews.com/article/wikipedia-internet-jimmy-wales-50e796d70152d79a2e0708846f84f6d7
#Wikipedia #funding #AI #LLM #Sustainability #Infrastructure #Operations #Chatbots
Wikipedia signs business deals with top AI companies like Amazon and Microsoft

Wikipedia, the online encyclopedia written by volunteers, is embracing artificial intelligence to mark its 25th anniversary. The site has signed up new AI partners, including Meta and Microsoft, alongside existing ones with companies like Google. These companies are paying to access Wikipedia content, supporting its nonprofit mission. Founder Jimmy Wales welcomes AI training on Wikipedia data, emphasizing its human-curated nature. The Wikimedia Foundation urges AI developers to pay for access, as bots heavily tax its servers. Wikipedia plans to use AI to assist editors and improve search experiences, while addressing criticism of bias and competition from rivals like Grokipedia.

AP News
Colan SchwartzMar 8
Axel RafnMar 3

Launched my first SaaS two days ago.

Already have my first paying customer.

FreshBill — dead-simple invoicing for freelancers and micro-businesses.

→ Create an invoice in under 60 seconds
→ Send it as a clean PDF
→ See what's outstanding at a glance

Free to start. No credit card required.

freshbill.app

#buildinpublic #saas #indiehacker

Colan SchwartzMar 8
Don't want your devices searched when traveling? Go to Canada, not the US.
https://www.cbc.ca/news/politics/united-states-customs-border-protection-phone-search-9.7118271
#Canada #US #privacy #electronics #electronicsearches #traveling
U.S. customs searched a record number of electronic devices last year | CBC News

United States customs officers conducted a record number of searches of electronic devices last year of people travelling to the U.S., and a recent update to its directives adds new devices such as smart watches, SIM cards and flash drives to the list of things subject to search.

CBC
Colan SchwartzFeb 24
This is why I'm not verified on LinkedIn.
https://thelocalstack.eu/posts/linkedin-identity-verification-privacy/
#privacy #LinkedIn #GDPR #EU #Europe
#surveillance #identity #persona #CloudAct #biometrics
I Verified My LinkedIn Identity. Here's What I Actually Handed Over.

I wanted a blue badge on LinkedIn. To get it, I gave a US company my passport, my face, and my biometric data. Then I read the fine print.

THE LOCAL STACK