Jathan McCollum
@jathanism.bsky.social
Co-founder and CTO of @getblindinsight.bsky.social. I kick ass and eat pizza. I do a lot of automation and hardcore security and network infrastructure work. Cryptography for fun and profit but mostly fun.
What do you get when you cross an oasis in a canyon with a pump and a thump? It's this. This is what you get. And you deserve it! This set fucking bumps!
This was originally released on the Leyenda Radio Podcast as episode 007 on 3 Nov 2024; recorded 16 Mar 2024.
on.soundcloud.com/z0WPmDedqpbs...
This was originally released on the Leyenda Radio Podcast as episode 007 on 3 Nov 2024; recorded 16 Mar 2024.
on.soundcloud.com/z0WPmDedqpbs...
Live at Leyenda del Corazon 2024
What do you get when you cross an oasis in a canyon with a pump and a thump? It's this. This is what you get. And you deserve it! This was originally released on the Leyenda Radio Podcast as episode 0
on.soundcloud.com
July 22, 2025 at 6:03 AM
What do you get when you cross an oasis in a canyon with a pump and a thump? It's this. This is what you get. And you deserve it! This set fucking bumps!
This was originally released on the Leyenda Radio Podcast as episode 007 on 3 Nov 2024; recorded 16 Mar 2024.
on.soundcloud.com/z0WPmDedqpbs...
This was originally released on the Leyenda Radio Podcast as episode 007 on 3 Nov 2024; recorded 16 Mar 2024.
on.soundcloud.com/z0WPmDedqpbs...
Read it and weep. Literally. From the article: "...the communication path from the modified app to the storage endpoint is not fully end-to-end encrypted." & the attacker "breached TeleMessage's system within 15 to 20 minutes of becoming curious about the product."
https://cyberinsider.com/signal-
https://cyberinsider.com/signal-
May 5, 2025 at 7:49 PM
Read it and weep. Literally. From the article: "...the communication path from the modified app to the storage endpoint is not fully end-to-end encrypted." & the attacker "breached TeleMessage's system within 15 to 20 minutes of becoming curious about the product."
https://cyberinsider.com/signal-
https://cyberinsider.com/signal-
If honking and flashing my lights at, and running a Cybertruck off the highway is wrong, I don't wanna be right.
April 10, 2025 at 5:41 AM
If honking and flashing my lights at, and running a Cybertruck off the highway is wrong, I don't wanna be right.
I really like porridge 🥣 and very secure bears.
Torn between data security & actual usability? @nicksullivan.org’s latest article says you can have both.
It’s the Goldilocks of #DataProtection:
#SearchableEncryption, where data stays locked up, yet you can still get all the insights you need. "Just Right" 🐻
www.blindinsight.com...
It’s the Goldilocks of #DataProtection:
#SearchableEncryption, where data stays locked up, yet you can still get all the insights you need. "Just Right" 🐻
www.blindinsight.com...
March 28, 2025 at 4:04 AM
I really like porridge 🥣 and very secure bears.
Reposted by Jathan McCollum
At @getblindinsight.bsky.social, we believe that data-sharing shouldn’t force you to choose between innovation & privacy.
NIST’s differential privacy guidelines (NIST SP 800-226) aim to give organizations a safer path to collaborate on critical datasets without sacrificing sensitive information.
NIST’s differential privacy guidelines (NIST SP 800-226) aim to give organizations a safer path to collaborate on critical datasets without sacrificing sensitive information.
March 17, 2025 at 11:30 PM
At @getblindinsight.bsky.social, we believe that data-sharing shouldn’t force you to choose between innovation & privacy.
NIST’s differential privacy guidelines (NIST SP 800-226) aim to give organizations a safer path to collaborate on critical datasets without sacrificing sensitive information.
NIST’s differential privacy guidelines (NIST SP 800-226) aim to give organizations a safer path to collaborate on critical datasets without sacrificing sensitive information.
Reposted by Jathan McCollum
#DataPrivacy can be a growth catalyst.
Check out our “Closing Deals w/ Data Privacy & Security Excellence” guide to learn how to:
• Strengthen your security posture
• Gain customer trust early
• Shorten sales cycles by months
www.blindinsight.com/insights/clo...
#DataSecurity #EncryptionInUse
Check out our “Closing Deals w/ Data Privacy & Security Excellence” guide to learn how to:
• Strengthen your security posture
• Gain customer trust early
• Shorten sales cycles by months
www.blindinsight.com/insights/clo...
#DataSecurity #EncryptionInUse
March 13, 2025 at 11:49 PM
#DataPrivacy can be a growth catalyst.
Check out our “Closing Deals w/ Data Privacy & Security Excellence” guide to learn how to:
• Strengthen your security posture
• Gain customer trust early
• Shorten sales cycles by months
www.blindinsight.com/insights/clo...
#DataSecurity #EncryptionInUse
Check out our “Closing Deals w/ Data Privacy & Security Excellence” guide to learn how to:
• Strengthen your security posture
• Gain customer trust early
• Shorten sales cycles by months
www.blindinsight.com/insights/clo...
#DataSecurity #EncryptionInUse
Uploading your data into Blind Insight validates, encrypts, and indexes it in real time. Choose the interface that works best for you!
Need a fast, secure way to upload data to your schema?
In this demo, @aspiringroadkill.bsky.social shows how to add data to a schema using the CLI. With just 4 arguments (& a few seconds), your records are securely uploaded & instantly available in the Blind Insight web UI.
youtu.be/a1S2La-KiQE...
In this demo, @aspiringroadkill.bsky.social shows how to add data to a schema using the CLI. With just 4 arguments (& a few seconds), your records are securely uploaded & instantly available in the Blind Insight web UI.
youtu.be/a1S2La-KiQE...
Blind Insight - Upload Data Using the CLI
A short video to demonstrate the blind record create command in the CLI.See our documentation for more details: https://docs.blindinsight.io/getting-started/...
youtu.be
March 10, 2025 at 3:48 PM
Uploading your data into Blind Insight validates, encrypts, and indexes it in real time. Choose the interface that works best for you!
We must launched upload for the UI and I gotta say it's pretty slick to be able to transparently encrypt your data just like a regular data import. But using your keys not ours!
Need a fast, secure way to upload data to your schema?
In this demo, @aspiringroadkill.bsky.social shows how to add data to a schema using the CLI. With just 4 arguments (& a few seconds), your records are securely uploaded & instantly available in the Blind Insight web UI.
youtu.be/a1S2La-KiQE...
In this demo, @aspiringroadkill.bsky.social shows how to add data to a schema using the CLI. With just 4 arguments (& a few seconds), your records are securely uploaded & instantly available in the Blind Insight web UI.
youtu.be/a1S2La-KiQE...
Blind Insight - Upload Data Using the CLI
A short video to demonstrate the blind record create command in the CLI.See our documentation for more details: https://docs.blindinsight.io/getting-started/...
youtu.be
March 8, 2025 at 3:30 AM
We must launched upload for the UI and I gotta say it's pretty slick to be able to transparently encrypt your data just like a regular data import. But using your keys not ours!
Reposted by Jathan McCollum
In this ⏰ 20-second demo, @getblindinsight.bsky.social CTO @jathanism.bsky.social shows the lightning-fast upload speeds in our innovative, privacy-enhancing technology.
1,000 records uploaded & indexed in seconds, fully searchable, and end-to-end encrypted. So you can have your data & eat it too.
1,000 records uploaded & indexed in seconds, fully searchable, and end-to-end encrypted. So you can have your data & eat it too.
February 26, 2025 at 10:08 PM
In this ⏰ 20-second demo, @getblindinsight.bsky.social CTO @jathanism.bsky.social shows the lightning-fast upload speeds in our innovative, privacy-enhancing technology.
1,000 records uploaded & indexed in seconds, fully searchable, and end-to-end encrypted. So you can have your data & eat it too.
1,000 records uploaded & indexed in seconds, fully searchable, and end-to-end encrypted. So you can have your data & eat it too.
Reposted by Jathan McCollum
Some things work better together... like valuable data insights, and privacy & security.
The @getblindinsight.bsky.social beta is now open.
Get real-time searchable encryption and fine-grained programmable access controls.
The @getblindinsight.bsky.social beta is now open.
Get real-time searchable encryption and fine-grained programmable access controls.
February 18, 2025 at 6:53 PM
Some things work better together... like valuable data insights, and privacy & security.
The @getblindinsight.bsky.social beta is now open.
Get real-time searchable encryption and fine-grained programmable access controls.
The @getblindinsight.bsky.social beta is now open.
Get real-time searchable encryption and fine-grained programmable access controls.
This is my literal nightmare. I've dedicated my career of over 30 years to cybersecurity only to have these buffoons upend decades of progress in mere weeks.
DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever
A new investigation shows nuclear secrets and government servers are dangerously exposed to nation-state hackers.
cyberintel.substack.com
February 15, 2025 at 5:47 PM
This is my literal nightmare. I've dedicated my career of over 30 years to cybersecurity only to have these buffoons upend decades of progress in mere weeks.
🔤 Always Be Closing
94% of enterprise buyers walk away from a deal due to security concerns.
Organizations w/ strong privacy guarantees see:
- 62% higher win rates
- Faster deal cycles
- 37% larger deal sizes
Companies that invest in privacy-first strategies are closing more deals & reducing friction in procurement.
Organizations w/ strong privacy guarantees see:
- 62% higher win rates
- Faster deal cycles
- 37% larger deal sizes
Companies that invest in privacy-first strategies are closing more deals & reducing friction in procurement.
February 13, 2025 at 3:42 AM
🔤 Always Be Closing
Oh hey it's me!
How do you search encrypted data without exposing it?
Blind Insight delivers end-to-end searchable encryption: Your keys, your control. 💪
@jathanism.bsky.social shares how @getblindinsight.bsky.social can help your team maintain #DataPrivacy while still unlocking insights.
Blind Insight delivers end-to-end searchable encryption: Your keys, your control. 💪
@jathanism.bsky.social shares how @getblindinsight.bsky.social can help your team maintain #DataPrivacy while still unlocking insights.
February 8, 2025 at 4:15 AM
Oh hey it's me!
Reposted by Jathan McCollum
CFPB has finalized the #OpenBanking rule. Under Section 1033, financial institutions must provide consumers with free and secure access to their financial data.
In this article @getblindinsight.bsky.social founder @jackiepeters.bsky.social shares an analysis of what’s ahead: bit.ly/open-banking...
In this article @getblindinsight.bsky.social founder @jackiepeters.bsky.social shares an analysis of what’s ahead: bit.ly/open-banking...
The Finalization of Section 1033
Blind Insight | Discover the opportunities of open banking! Learn how financial institutions and software vendors can overcome challenges, foster trust, and drive innovation in a more connected and s...
bit.ly
February 6, 2025 at 5:25 PM
CFPB has finalized the #OpenBanking rule. Under Section 1033, financial institutions must provide consumers with free and secure access to their financial data.
In this article @getblindinsight.bsky.social founder @jackiepeters.bsky.social shares an analysis of what’s ahead: bit.ly/open-banking...
In this article @getblindinsight.bsky.social founder @jackiepeters.bsky.social shares an analysis of what’s ahead: bit.ly/open-banking...
Please for your sake and sanity DO NOT USE DeepSeek on your phone.
DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
Apple’s defenses that protect data from being sent in the clear are globally disabled.
arstechnica.com
February 7, 2025 at 6:24 PM
Please for your sake and sanity DO NOT USE DeepSeek on your phone.
Insurance companies right now are all like:
"Thanks for being our loyal customer for the last 25 years.
Here's four paragraphs where we explain how and why we are going to fuck you over by jacking up your rates and there's nothing you can do about it!
I hope this helps.
All the best!"
"Thanks for being our loyal customer for the last 25 years.
Here's four paragraphs where we explain how and why we are going to fuck you over by jacking up your rates and there's nothing you can do about it!
I hope this helps.
All the best!"
February 6, 2025 at 2:51 PM
Insurance companies right now are all like:
"Thanks for being our loyal customer for the last 25 years.
Here's four paragraphs where we explain how and why we are going to fuck you over by jacking up your rates and there's nothing you can do about it!
I hope this helps.
All the best!"
"Thanks for being our loyal customer for the last 25 years.
Here's four paragraphs where we explain how and why we are going to fuck you over by jacking up your rates and there's nothing you can do about it!
I hope this helps.
All the best!"
Reposted by Jathan McCollum
Confidential computing is a pretty cool paradigm; in theory, you don’t need to trust your cloud provider to not steal or tamper with your data anymore, you *just* have to trust the hardware. In practice, don’t forget about defense in depth & co 😉
AMD: Microcode Signature Verification Vulnerability
### Summary
Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside...
github.com
February 4, 2025 at 7:03 AM
Confidential computing is a pretty cool paradigm; in theory, you don’t need to trust your cloud provider to not steal or tamper with your data anymore, you *just* have to trust the hardware. In practice, don’t forget about defense in depth & co 😉
Reposted by Jathan McCollum
PSA: We're 2+ weeks w/o the Morbidity and Mortality Weekly Report, published WEEKLY by the CDC since 1961. It's where we first learn about emerging infectious diseases. It's where we first learned about AIDS, Legionnaires Disease and COVID-19. It's been blocked since Jan 20, 2025. WE ARE NOT SAFE.
February 2, 2025 at 2:08 AM
PSA: We're 2+ weeks w/o the Morbidity and Mortality Weekly Report, published WEEKLY by the CDC since 1961. It's where we first learn about emerging infectious diseases. It's where we first learned about AIDS, Legionnaires Disease and COVID-19. It's been blocked since Jan 20, 2025. WE ARE NOT SAFE.
TIL that Discord now supports passkeys for strong authentication. Every time a provider enable passkeys a kitten gets its whiskers. 😻
January 31, 2025 at 6:10 PM
TIL that Discord now supports passkeys for strong authentication. Every time a provider enable passkeys a kitten gets its whiskers. 😻
In implementing a new large file and batch upload feature to the @getblindinsight.bsky.social Blind Proxy I discovered the TUS protocol. It is flipping awesome. Highly recommend it. And the best part is their reference implementation is in Go! tus.io
tus - resumable file uploads
tus is the open protocol standard for resumable and reliable file uploads across the web, facilitating efficient and seamless file transfer experiences.
tus.io
January 31, 2025 at 6:04 PM
In implementing a new large file and batch upload feature to the @getblindinsight.bsky.social Blind Proxy I discovered the TUS protocol. It is flipping awesome. Highly recommend it. And the best part is their reference implementation is in Go! tus.io
Today in "why securing healthcare data privacy is so critically important". www.bleepingcomputer.com/news/securit...
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient...
www.bleepingcomputer.com
January 31, 2025 at 3:58 PM
Today in "why securing healthcare data privacy is so critically important". www.bleepingcomputer.com/news/securit...
Every day. Every fucking day. I wake up 15 minutes before my alarm. Is it too much to ask to "sleep in"? 😑
January 31, 2025 at 3:08 PM
Every day. Every fucking day. I wake up 15 minutes before my alarm. Is it too much to ask to "sleep in"? 😑
Groan. Here we go again with another speculative execution vulnerability. arstechnica.com/security/202...
Apple chips can be hacked to leak secrets from Gmail, iCloud, and more
Side channel gives unauthenticated remote attackers access they should never have.
arstechnica.com
January 30, 2025 at 4:32 PM
Groan. Here we go again with another speculative execution vulnerability. arstechnica.com/security/202...
Well that didn't take long for DeepSeek to be exposed as so ridiculously insecure it's jaw-dropping. So it goes that one of the largest gaps in the AI space is traditional bare bones infrastructure security. Good lord.
www.wiz.io/blog/wiz-res...
www.wiz.io/blog/wiz-res...
Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog
A publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log str...
www.wiz.io
January 30, 2025 at 4:51 AM
Well that didn't take long for DeepSeek to be exposed as so ridiculously insecure it's jaw-dropping. So it goes that one of the largest gaps in the AI space is traditional bare bones infrastructure security. Good lord.
www.wiz.io/blog/wiz-res...
www.wiz.io/blog/wiz-res...
No matter how many times you tell PayPal to "trust this device", it doesn't. PayPal has no memory, just like the bath towel I use to dry my bum.
January 29, 2025 at 7:48 PM
No matter how many times you tell PayPal to "trust this device", it doesn't. PayPal has no memory, just like the bath towel I use to dry my bum.