2026-03-18 A trust paradox If automated CI tests are both a way to measure trust and a vector for attack, what’s the responsible maintainer to do? Categories Posts
2026-03-08 You’d better start believing in supply chains because you’re in one (SCaLE 23x) At SCaLE 23x, I’ll debut “You’d better start believing in supply chains because you’re in one.” This talk started as a silly joke, but it covers a serious and timely topic. Categories Talks
2025-12-24 How quickly should you fix vulnerabilities? It’s okay to say “pay me if you want fast fixes”, but communicate that policy ahead of time so people can make informed decisions. Categories Posts
