infosec, tech, ai, marine 🇺🇸 // endurance, triathlon, adventure // walk the difficult path → do hard things // accelerate

Joined March 2010
So capable, especially when coupled with openwebui.
Introducing the Fusion API, the smartest compound model in the market. Fusion achieves Fable-level intelligence at half the price. How it works 👇
Wild weather. #arwx
Absolutely destroyed the openwebui setup due to some obscure kea dhcp bug. Kept digging into the host and container. Nope. Took the opportunity to refresh the containers and decouple ollama and whisper. Cleaner build. So dumb. @pfsense When a Kea pool or scope changes, the existing lease database can end up holding content that no longer lines up with the pool, and Kea then refuses to allocate from that subnet even though the pool looks empty and open. redmine.pfsense.org/issues/1…
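The pfSense note above describes the failure mode: after a Kea pool or scope is edited, the lease database can still hold leases that no longer sit inside any configured pool, and Kea then declines to hand out addresses from that subnet even though the pool looks empty. The script below is an added example, not part of the post or of pfSense/Kea, that reads a Kea Dhcp4 config and a memfile-style lease CSV and reports every lease that falls outside the current pools of its subnet, or whose subnet id no longer exists. It assumes the standard `Dhcp4` / `subnet4` / `pools` config layout and Kea's memfile header row; both inputs are constructed sample data.

```python
"""Added example: find Kea DHCPv4 leases that no longer match the configured pools.

Assumptions (mine, not the post's): a Kea Dhcp4 config using the standard
"subnet4" / "pools" layout, and a memfile lease CSV carrying Kea's header row.
Both sample inputs below are constructed, not captured from a real host.
"""
import csv
import io
import ipaddress
import json

# Constructed config: subnet 1's pool was shrunk from .100-.200 to .150-.200,
# and a subnet that used to carry id 9 has been removed entirely.
SAMPLE_CONFIG = json.dumps({
    "Dhcp4": {
        "subnet4": [
            {"id": 1, "subnet": "10.0.1.0/24",
             "pools": [{"pool": "10.0.1.150 - 10.0.1.200"}]},
            {"id": 2, "subnet": "10.0.2.0/24",
             "pools": [{"pool": "10.0.2.0/25"}]},
        ]
    }
})

# Constructed memfile lease CSV in the kea-leases4.csv layout (state 0 = active).
SAMPLE_LEASES = """address,hwaddr,client_id,valid_lifetime,expire,subnet_id,fqdn_fwd,fqdn_rev,hostname,state,user_context,pool_id
10.0.1.120,00:11:22:33:44:01,,7200,1800000000,1,0,0,host-a,0,,0
10.0.1.160,00:11:22:33:44:02,,7200,1800000000,1,0,0,host-b,0,,0
10.0.2.10,00:11:22:33:44:03,,7200,1800000000,2,0,0,host-c,0,,0
10.0.2.200,00:11:22:33:44:04,,7200,1800000000,2,0,0,host-d,0,,0
10.0.9.5,00:11:22:33:44:05,,7200,1800000000,9,0,0,host-e,0,,0
"""


def parse_pool(spec):
    """Turn a Kea pool spec ("a - b" range or "x.x.x.x/nn" prefix) into (low, high)."""
    spec = spec.strip()
    if "/" in spec:
        net = ipaddress.ip_network(spec, strict=False)
        return net[0], net[-1]
    lo, hi = (ipaddress.ip_address(p.strip()) for p in spec.split("-"))
    return lo, hi


def pools_by_subnet(config_json):
    """Map each configured subnet id to its list of (low, high) pool ranges."""
    cfg = json.loads(config_json)
    pools = {}
    for subnet in cfg["Dhcp4"].get("subnet4", []):
        pools[int(subnet["id"])] = [parse_pool(p["pool"]) for p in subnet.get("pools", [])]
    return pools


def stale_leases(config_json, lease_csv):
    """Return (address, subnet_id, reason) for every lease the current pools do not cover.

    Rows are read by column name, so extra or missing trailing columns (the
    header differs between Kea versions) do not break the check.
    """
    pools = pools_by_subnet(config_json)
    stale = []
    for row in csv.DictReader(io.StringIO(lease_csv)):
        addr = ipaddress.ip_address(row["address"])
        subnet_id = int(row["subnet_id"])
        ranges = pools.get(subnet_id)
        if ranges is None:
            stale.append((row["address"], subnet_id, "subnet id no longer configured"))
        elif not any(lo <= addr <= hi for lo, hi in ranges):
            stale.append((row["address"], subnet_id, "outside every configured pool"))
    return stale


def prune_leases(lease_csv, stale_addresses):
    """Rewrite the lease CSV without the stale rows, preserving the header as-is."""
    reader = csv.DictReader(io.StringIO(lease_csv))
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=reader.fieldnames, lineterminator="\n")
    writer.writeheader()
    for row in reader:
        if row["address"] not in stale_addresses:
            writer.writerow(row)
    return out.getvalue()


if __name__ == "__main__":
    found = stale_leases(SAMPLE_CONFIG, SAMPLE_LEASES)
    for address, subnet_id, reason in found:
        print(f"stale lease {address} (subnet {subnet_id}): {reason}")
    print(prune_leases(SAMPLE_LEASES, {a for a, _, _ in found}))
```

Run it against a copy of the lease file, not the live one: Kea rewrites the memfile itself (and its lease-file-cleanup process may hold it), so stop the DHCP service before replacing the file with the pruned output, and keep the original for rollback.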
When they disabled Fable 5, did Anthropic also handicap the rest of the models? Everything is dumb today.
Andrew Healey retweeted
Educating people on how to use the AI tools has become a serious bottleneck
Jun 7
The problem with this, and why I think people are frustrated: nobody has taught folks how to do this. It feels both evidently the future and also somehow gatekept.
Andrew Healey retweeted
If Claude Fable stops helping you, you'll never know jonready.com/blog/posts/clau… (news.ycombinator.com/item?id…)

Kids roasted me for years about keeping every 2x4, wheel, random screw, and hard drive magnet like some kind of doomsday prepper. Redemption. I always knew this moment was coming.
What an odd timeline. MSRC in self destruct mode.
For more than 20 years, I have supported MSRC, dating back to my time as a security researcher at eEye. I have spoken at conferences, defended their program & methods publicly, & shared examples and results of productive collaboration even when many, many researchers strongly disagreed with me. That history makes this especially difficult to say. The current treatment of security researchers is deeply disappointing. Trust between vendors & the research community is hard-earned & easily lost. Researchers are not the enemy. They are often the first line of defense for customers, helping identify and responsibly report issues before malicious actors can exploit them. Alienating these individuals carries real consequences for the security ecosystem as a whole. I've spent decades advocating for constructive engagement between Microsoft & the security community. What we all are seeing today falls short of the standards that built that relationship in the first place. I hope this message reaches the people who still remember why that relationship mattered. Not because researchers are asking for special treatment but because mutual respect, transparency & good-faith engagement have always produced better outcomes for everyone involved. Microsoft's relationship with the security community was once viewed as a model for the industry. I truly hope it can be again.
Andrew Healey retweeted
You can just do things
There's only one way to find out...
Andrew Healey retweeted
Out of breath while running? Swim laps. Legs burning during intervals? Supplement with bike workouts. Constant injuries? Build in a strength training routine. For most, running is often done best & performance improves when complemented with other training.
Andrew Healey retweeted
Thanks but I hate it. Let's recap: 1. Threatening legal action in a blog. 2. Walks it back in a tweet. 3. Walks the walk back just a few phrases later. There's a reason MSFT's MSRC is getting scorn, they're earning it. Do better. You have in the past. This is so bad.
Over the past several days, we have been listening to the conversation around coordinated disclosure and the relationship between security researchers and vendors. We recognize that this relationship is both critical and, at times, fragile. We deeply value the security community, and will continue to take your feedback seriously. To be clear about our approach to legal matters, we have no intention to pursue action against individuals conducting or publishing their security research. When an individual breaks the law and engages in malicious activity causing real harm to our customers, we will work with law enforcement as appropriate. We recognize the work that goes into researching and submitting a vulnerability. We are committed to approaching every interaction with transparency, clear communication, and professionalism. We continue to believe strongly in Coordinated Vulnerability Disclosure as the foundation for protecting customers and improving our products. Each year we process a high volume of vulnerability reports. That volume continues to grow and will continue with the rise of AI-enabled research. We acknowledge that some interactions have fallen short and are working to learn from them. Many of us have experience on both sides of this work, as researchers reporting vulnerabilities and as responders triaging and assessing them. That perspective informs how we approach this feedback and the importance we place on getting it right, particularly as the volume and complexity of research continues to grow. The security community plays a vital role in helping us protect customers. We are committed to maintaining a constructive and respectful relationship and growing together. We know that, given the nature of this work, there will at times be misunderstandings. We remain committed to engaging in good faith and to providing a respectful and professional experience for all researchers, regardless of past interactions.
Community note
The root of this statement is a post by a security researcher stating that MS revoked access to their reporting account. When the researcher asked for an explanation, his account was deleted. He got no answer. This escalated further when MS deleted his GitHub account as well. deadeclipse666.blogspot.com/2026/05/dear-m…
Andrew Healey retweeted
Microsoft’s handling of Nightmare Eclipse reveals how little they actually value independent security researchers when it becomes inconvenient. Nightmare Eclipse followed the proper reporting channels, had his MSRC account revoked, received what amounted to legal threats, published PoCs for several unpatched Windows zero-days, and was subsequently banned from GitHub. Now @msftsecresponse issues a statement claiming they have no intention of pursuing researchers, while continuing to insist that coordinated disclosure is the only acceptable approach. Nightmare Eclipse still has no accounts reinstated and has received no meaningful apology. Several researchers and observers have been clear about this today. @kln_nurv correctly notes that publishing exploits after attempting responsible disclosure is not a crime, yet there has been neither reinstatement nor apology, only damaged trust. @0x0Fuck rightly demands a public apology from Tom Gallagher (@secbughunter) and full reinstatement of Nightmare Eclipse’s accounts before MSRC can expect any credibility. @Stric_Nine, @PierreGrivet and others have made the same point, this is damage control, not accountability. I once criticized @elder_plinius for releasing powerful jailbreaks and obliteration tools so openly. I believed it would introduce unnecessary risk and noise into the ecosystem. Under different circumstances, in other times, that view might still apply. However, Microsoft and other large vendors have deliberately created an environment in which researchers who go public after official channels fail them are punished and silenced. In this reality, Pliny was correct. When companies treat disclosure as a threat to be managed rather than a necessary part of security, radical public release becomes one of the few remaining mechanisms researchers have to maintain visibility and pressure. This problem is made worse by the rise of agentic attacks that can automatically discover and chain vulnerabilities at scale. 
The more vendors punish transparency, the greater the advantage they hand to automated exploitation. Nightmare Eclipse should never have been forced into this position. Given how he was treated, his actions were entirely justified. I stand with the researchers who refuse to accept rules designed primarily to protect vendors. If @msftsecresponse genuinely valued the security community, Nightmare Eclipse would have his accounts reinstated and there would be a substantive apology. Anything less is simply an attempt to reassert control while avoiding real responsibility.
Hail core NE of Bentonville a bit earlier. #arwx
Sushi House heaven
Andrew Healey retweeted
May 23
A company whose name is literally "AI Slop" spelled backwards raised $30M by itself. We literally live in the silliest timeline.
Polsia just raised $30M at a $250M valuation. Approaching $10M annual run rate. One Founder AI. Zero employees. Polsia runs companies autonomously. It also ran its own fundraising. I just showed up for signatures.
New office art. @_Invadergirl
Andrew Healey retweeted
Try to build as much code as possible over the next few months. The prices you are seeing now for AI will probably not last too long.
🦔Microsoft canceled its internal Claude Code licenses this week after token-based billing made the cost untenable, even for a company with effectively infinite cloud resources. Uber's CTO sent an internal memo warning the company burned through its entire 2026 AI budget in just four months. American AI software prices have jumped 20% to 37%, and GitHub (owned by Microsoft) is dropping flat-rate plans for usage-based billing across its products.

My Take

The AI subsidy era is ending in real time. The same company that put $13 billion into OpenAI and built the Azure infrastructure powering most of Anthropic's compute just looked at the bill from a competitor's coding tool and decided it was not worth paying. That is not a productivity failure on Anthropic's end. Token-based pricing is forcing every enterprise customer to confront the actual cost of running these models at scale, and the number turns out to be far higher than the flat-rate experiments suggested.

This ties directly to my Gemini Flash post yesterday. Anthropic, OpenAI, and Google all raised effective prices in the last six months. Enterprises that built workflows assuming AI costs would keep falling are now watching annual budgets evaporate in months.

Two outcomes look likely from here. Either enterprises scale back AI usage to fit budgets, which slows the revenue ramp the labs need to justify their valuations ahead of IPOs, or the labs cut prices and absorb the losses, which makes the unit economics worse at exactly the wrong moment. Both paths land in the same place: the numbers stop working, and somebody has to take the writedown.

Hedgie🤗
Andrew Healey retweeted
CVE-2020-2033, CVE-2020-2021, CVE-2020-2050, CVE-2026-0257, and now CVE-2026-0265. Authentication bypass, as in direct access to your internal networks over the Internet. This VPN architecture should be dead. Get it off the Internet; it's a time bomb waiting to happen.
When Your VPN Opens Your Private Network to the Public! An auth bypass in Palo Alto PAN-OS CAS Auth (CVE-2026-0265) that lets an attacker connect to the company's GlobalProtect VPN. Blog - hacktron.ai/blog/cve-2026-02…