https://wiggels.dev/tags/security/Recent content in Security on Hunter WigelsworthHugoen-usFri, 05 Jun 2026 00:00:00 +0000https://wiggels.dev/posts/amd-sev-snp-trust-nobody-encrypt-everything/Fri, 05 Jun 2026 00:00:00 +0000https://wiggels.dev/posts/amd-sev-snp-trust-nobody-encrypt-everything/<p>Your cloud provider can read your VM&rsquo;s memory. Full stop. I don&rsquo;t care what their marketing page says. If you&rsquo;re running on standard hardware with standard virtualization, the hypervisor has god-mode access to every byte of your guest&rsquo;s RAM. Your encryption-at-rest doesn&rsquo;t matter. Your TLS doesn&rsquo;t matter. The moment your data is in memory, it&rsquo;s naked and the hypervisor is watching.</p> <p>This is the problem AMD set out to solve with SEV-SNP, and after deploying this stuff in production across multiple clusters, I&rsquo;m going to walk you through exactly how it works — all five generations of it — because understanding the evolution explains <em>why</em> the final product looks the way it does.</p>https://wiggels.dev/posts/i-wrote-a-rust-crate-for-abuse-reporting-because-apparently-python-wasnt-enough/Tue, 19 May 2026 00:00:00 +0000https://wiggels.dev/posts/i-wrote-a-rust-crate-for-abuse-reporting-because-apparently-python-wasnt-enough/<p>You know that feeling when you&rsquo;re reading a spec, see &ldquo;reference implementation: Python&rdquo; and &ldquo;reference implementation: JavaScript&rdquo;, and think &ldquo;huh, nobody bothered with Rust for this&rdquo;?</p> <p>That was me reading the XARF v4 spec.</p> <p>XARF — the eXtended Abuse Reporting Format — is a JSON schema for describing abuse incidents. Spam. DDoS. Phishing. Malware. Copyright violations. Compromised servers. Botnets. All the things that keep abuse desks awake at night, but in a machine-readable format that two organizations can actually exchange without someone sending a PDF attachment.</p>