Most WordPress malware does not begin with a shadowy genius manually editing your theme at midnight. It begins with bots, bored plugins, sloppy permissions, and one unlucky functions.php file that became writable. This is the story of how attackers get the pen, why they keep writing, and why deleting one dirty file is rarely enough.
2026
16
May
Linux Snippets #6: The Silent Network Sweep
Stop guessing which IP your new Raspberry Pi or IoT device grabbed from the router. Here is the scommand to instantly map your entire local network without triggering alarms
14
May
The WordPress Backdoor That Forgot to Be PHP
A WordPress backdoor hidden in functions.php is bad enough. One pasted after the closing ?> tag is almost poetic: malware that forgot to become PHP and instead printed its own confession. Here is a technical walk-through of a hidden admin account, query tampering, fake user counts, and the grim beauty of neglected WordPress hygiene.
04
May
Rclone: Zero-Trust Cloud Storage Without the Friction
Stop trusting cloud providers with your personal data. Here is how to use rclone to build a transparent, client-side encryption layer over Dropbox or pCloud
20
Apr
Meshtastic vs Reticulum: Why Reticulum Wins for Scalable Sovereign LoRa Networks
Meshtastic is currently dominating the off-grid communication hype cycle. But when we look under the hood at its managed flooding architecture and symmetric cryptography, does it actually hold up as a foundation for sovereign infrastructure? Here is a deep dive into why I am shifting my focus to the Reticulum Network Stack.
10
Apr
Linux Snippets #3: The Instant SSH SOCKS Proxy
Skip the heavy VPN clients. Here is how to turn any remote Linux server into an encrypted SOCKS5 proxy with a single SSH command to bypass hostile local networks
06
Apr
The Cryptographic Zombie: How Keybase Went from Privacy Darling to Zoom’s Cleanup Crew
Once the ultimate geek flex for cypherpunks, Keybase promised to make PGP cryptography accessible to mere mortals. Today, it hovers in the digital ether as a “zombie” app. Here is the story of how a revolutionary open-source identity platform was cannibalized to become Zoom’s corporate cleanup crew.
2025
24
Sep
Malware with a Mind of Its Own – a case study in 4 acts
A new armsrace has begun and in many ways it seems like we have started something we cannot stop again – like Skynet, but real!
So I set out to explore this a bit and write about it.
2024
25
Oct
The Paradox of Privacy in the Digital Age
Having a philosophical moment thinking about my own privacy, I took a trip back through the history of the concept “privacy” by following the simple question: “Do you have privacy?”
03
Sep
Chat in the Shadows: Dark IRC on Linux for Maximum Privacy
So, you’ve heard about the Telegram fiasco, right? The big guy in charge got thrown in the slammer in France, and everyone started panicking about who’s really in control of our messages. If that doesn’t scream, “Hey, maybe don’t trust centralized platforms,” then I don’t know what will. But don’t worry! This guide is here […]