2026-03-24 12:17:23
Watching OpenClaw do its thing must be like watching the first plane take flight. It's a bit rickety and stuck together with a lot of sticky tape, but squint and you can see the potential for agentic AI to change the world as we know it. And I don't think that's hyperbolic. A lot of what people claim to have done with it is hyperbolic, and as with all new tech, the challenge is to cut through the noise and find the value. Stay tuned for more on that, as I've already found some really useful applications for it to help me do my job better, which I think I should devote my next weekly vid to just that.
2026-03-17 10:55:31
In the beginning, it was simple. A website, a database and 150M+ email addresses to search. Time has added serverless functions (which run on servers 🤷♂️), code on the edge, new data storage constructs and a completely different mechanism for even just querying a simple email address. HIBP is a continually evolving beast, and barely a week goes by that we don't implement code of significance. You don't always see it out there in the public realm, but the tweaks - in including the major one I talk about in this week's video - all add up to make the platform faster, more sustainable and if we do it right, even a bit more cost-effective to run 😊
2026-03-10 09:29:35
Since starting HIBP a dozen and a bit years ago, I've loaded an average of one breach every 4.7 days. That's 959 of them to date, but last week it was five in only two days. That's a few weeks' worth of breaches in only 48 and a half hours. And that's the way it tends to be in this industry: flurries of activity followed by periods of silence. I obviously don't have any control over the cadence of breaches (nor when they begin circulating), which does make for some interesting scheduling challenges. Somewhere amongst responding to those incidents, we manage to do all the other mechanical things required to keep this service running the way it does. Anyway, this week it's "breachapalooza", with some behind-the-scenes info on the Odido, KomikoAI, Quitbro, Lovora and Provecho.
2026-03-02 15:51:14
The Odido breach leaks were towards the beginning during this week's update. I recorded it the day after the second dump of data had hit, with a third dump coming a few hours later, and a final dump of everything the day after that. From what I hear, it dominated the news in the Netherlands, and we sure saw that through the traffic stats. Clearly, the leak cadence was designed for maximum news impact, and it seems to have achieved that. It may not have put any cash in the extortionist's pockets, but it's set a very visible precedent and, I suspect, put a massive law enforcement target on them. It's hard to image leaks of this impact continuing for much longer...
2026-02-24 08:38:59
The recurring theme this week seems to be around the gap between breaches happening and individual victims finding out about them. It's tempting to blame this on the corporate victim of the breach (the hacked company), but they're simultaneously dealing with a criminal intrusion, a ransom demand, and class-action lawyers knocking down their doors. They're in a lose-lose position: pay the ransom and fuel the criminals whilst still failing to escape regulatory disclosure obligations. Disclose early and transparently to individuals, which then provides fuel to the lawyers. Try to sweep the whole thing under the rug and risk attracting the ire of customers and regulators alike. It's a very big mess, and it doesn't seem to be getting any better.
2026-02-17 13:09:12
Well, the ESP32 Bluetooth bridge experiment was a complete failure. Not the radios themselves, they're actually pretty cool, but there's just no way I could get the Yale locks to be reliably operated by them. At a guess, BLE is a bit too passive to detect state changes, and unless it was awake and communicating, it just had no idea what was happening with the locks. So, I've now silenced all lock-related alerts and am focusing on making the wifi network as reliable as possible in the hope the locks actually become responsive. If that doesn't work, those Aqara U400s look really sweet...
