Javvad Malik

Breach of Confidence: 10 April 2026

I spent most of one day this week trying to access a perfectly ordinary online service and felt like I was applying for witness protection. By the end of it, I’d supplied a password, a code, a backup code, a second email, and what felt like several pieces of emotional verification. We are constantly told this is seamless. At this point, I assume “seamless” just means everyone suffers quietly.

http://javvadmalik.com/2026/04/10/breach-of-confidence-10-april-2026/

John Deere just got hit with a $99 million right-to-repair settlement. Farmers hacked their own tractors because Deere wouldn't let them fix what they owned. This matters far beyond farming. Every industry watching now.

https://www.thedrive.com/news/john-deere-to-pay-99-million-in-monumental-right-to-repair-settlement

I'm seeking recommendations for good blogs to read / add to my RSS feed. Like personal blogs, not necessarily corporate ones.

Don't even need to be related to security or IT... just stuff like how it used to be back in the day when people would write random stuff down and hit publish.

Thank you in advance

Security isn't about firewalls anymore. It's about whose story people believe. Africa's learning this the hard way, caught between Chinese infrastructure, Russian disinformation, and Western rule books. The real battlefield is your mind.

https://www.annacollard.com/post/africa-on-the-frontline-cybersecurity-geopolitics-and-why-security-is-moving-from-systems-to-human

Dear me, you already are

Someone sent me a photo last week. It was me, about fifteen years ago. And I looked good. Not "good for someone who has since surrendered to gravity" good. Actually good. Fit. Hair that was black rather than its current negotiations with grey. My first reaction was something between pride and grief. Because I remember at that time I didn't think I looked good.

http://javvadmalik.com/2026/04/08/dear-me-you-already-are/

We're training AI on our actual conduct which is... shading results, burying findings, making sure nobody notices.

https://www.ianbetteridge.com/the-worst-of-us/

We gave openclaw full access to everything, told it to think for itself, then acted shocked when things went sideways.

https://arstechnica.com/security/2026/04/heres-why-its-prudent-for-openclaw-users-to-assume-compromise/

Japan isn't automating because it's exciting. It's automating because it has to. Fewer people, more work, no choice.

https://techcrunch.com/2026/04/05/japan-is-proving-experimental-physical-ai-is-ready-for-the-real-world/

A spyware maker who built his fortune helping people spy on their spouses got time served and a $5,000 fine. He exposed millions of screenshots to the open internet. Never notified a single victim. The surveillance industry's moral compass doesn't just point nowhere. It doesn't exist.

https://techcrunch.com/2026/04/06/convicted-spyware-maker-bryan-fleming-avoids-jail-at-sentencing/

Your employees aren't rebels. They're just trying to finish their work before lunch. When your secure file system takes twenty minutes and ChatGPT takes two, guess what wins? Stop blaming users. Fix the friction.

https://it-online.co.za/2026/03/02/shadow-it-is-a-symptom-of-friction-not-rebellion/

Gen Z is nostalgic for a time they never lived because the one they're living in is exhausting!

https://fortune.com/2026/04/01/gen-z-analog-economy-5-billion-market-nostalgia/

There's no pride in letting a machine write your byline. The future isn't inevitable. It's just what happens when we stop refusing it.

https://www.thehandbasket.co/p/refusing-to-accept-big-tech-s-ai-poisoned-future-of-journalism

A bloke with admin access locked out his entire company and demanded 20 bitcoin. He got caught because he Googled "how to cover my tracks" beforehand. The insider threat isn't coming from outside. It's already got your passwords.

https://www.bleepingcomputer.com/news/security/man-admits-to-extortion-plot-locking-coworkers-out-of-thousands-of-windows-devices/

AI isn't the problem. The people running it are. They've got the technology to change the world and they're using it to optimise their own productivity whilst the rest of us inherit the mess.

https://karlbode.com/the-problem-with-ai-is-shitty-human-beings/

We've invented service accounts all over again. MCP servers are quietly becoming the same overprivileged, under-monitored access brokers that have haunted enterprise security for years. Except this time, we're stacking them on top of the old ones.

https://go.aembit.io/s/mcp-servers-and-the-return-of-the-service-account-problem-25746