WillW

BSides Vancouver Island

It's official! We are back! Join us for a full day focused on connection, learning, and community-driven security talks.

📅 Friday, September 25th, 2026
📍 Victoria, BC
🔗 Stay tuned at bsidesvi.com

We look forward to seeing you there!
#BSidesVancouverIsland2026 #Cybersecurity #InfoSec

Call for Sponsors: BSides Vancouver Island 2026

Multiple sponsorship tiers are available, offering meaningful ways to contribute and connect with the local tech community.
🔗 Details: bsidesvi.com/cfs

Let’s work together to make 2026 our strongest year yet!

#BSidesVancouverIsland2026

"Farewell, Felix" - a blog post by Nico Lindner and Recurity Labs on the passing of Felix "FX" Lindner. RIP FX :(

blog.recurity-labs.com/2026-03-02/F...

Exclusive | OpenAI Employees Raised Alarms About Canada Shooting Suspect Months Ago The ChatGPT maker opted against informing Canadian authorities about Jesse Van Rootselaar’s descriptions of violence last June.

WSJ: OpenAI employees raised concerns about Tumbler Ridge shooter's ChatGPT interactions months ago but leaders said it didn't meet criteria to contact RCMP. Shooter "described scenarios involving gun violence" over several days last June
www.wsj.com/us-news/law/...

GitHub - beelzebub-labs/azazel: eBPF-powered silent observer for containerized runtimes, built for malware analysis sandboxes and Agentic AI monitoring. eBPF-powered silent observer for containerized runtimes, built for malware analysis sandboxes and Agentic AI monitoring. - beelzebub-labs/azazel

I have a visceral reaction to this stuff because we are repeating history. Keep them coming. The corpus grows.

github.com/beelzebub-la...

The big money behind Powell River’s controversial name change how American investors and Alberta oil interests are fueling division in small-town British Columbia

This is a hell of a read. Turns out I care about Powell River's name and the people using it to create the type of division that lead to Brexit. www.bchistoryboy.ca/p/the-big-mo...

This is a fantastic article and REALLY important to understand YOUR threat model.

Defend Canadian Journalism – Donate Form Support Our Journalism Defence Fund PressProgress is at the centre of what could be one of the biggest, longest and most expensive media trials in recent Canadian history. A former star candidate for ...

A former UCP candidate launched a big money lawsuit against PressProgress, CBC News and the Toronto Star in Alberta

This lawsuit risks creating chilling precedents that would protect politicians' secrets from whistleblowers

If you haven't already, you can support our Journalism Defence Fund here:

Opinion: Surrey Police Board defends its work as directors replaced – Surrey Citizen Surrey Police Service photo To the Editor: Last week, Premier David Eby announced the province was allowing appointments of four Surrey Police Board

Premier David Eby's announcement earlier this month that Surrey Police Board directors were to be replaced was "a surprise," says board chair Harley Chappell.

Read the Surrey Police Board's full statement in the Surrey Citizen: buff.ly/1pezi49

#Policing #SurreyBC #SurreyCitizen

I’ve been working toward this for years, and it finally happened.

Canada now has a parliamentary petition to require secure coding in federal software. If you care about cybersecurity, public safety, and better government tech, please sign:
👉 https://twp.ai/9Paevl
1/2

The Globe reports that lawful access coming back yet again. Last version included expansive warrantless access rules. Piece notably cites to internal CSIS emails celebrating the inclusion of lawful access in Bill C-2 days before the bill introduced.
www.theglobeandmail.com/politics/art...

I’ve been working toward this for years, and it finally happened.

Canada now has a parliamentary petition to require secure coding in federal software. If you care about cybersecurity, public safety, and better government tech, please sign:
👉 https://twp.ai/9Paf34
1/2

From magic to malware: How OpenClaw's agent skills become an attack surface | 1Password The same capabilities that make OpenClaw a groundbreaking tool also make it an urgent security risk. This blog contains confirmed examples of agent skills being used as malware vectors, and advice on ...

1Password not mincing words here:

"If you are experimenting with OpenClaw, do not do it on a company device. Full stop."

"If you have already run OpenClaw on a work device, treat it as a potential incident and engage your security team immediately."

1password.com/blog/from-ma...

'State of chaos': Coquitlam's Grand Central engulfed in a war between two opposing strata councils – Tri-Cities Dispatch Inside the fight for control of one of Coquitlam's largest strata corporations Control of one of Coquitlam’s largest strata corporations is now the subject of an ongoing legal battle, with allegations...

This is Pt. 1 one of a series I've been working on for about five months regarding Grand Central's governance crisis in #coquitlam. Pt. 2 should drop later today!

This is your regular reminder that the data broker industry must be destroyed.

Excerpt from Privacy International's article: The changes include: All visitors must submit ‘their social media from the last 5 years’ ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’ ‘telephone numbers used in the last five years’ ‘email addresses used in the last ten years’ ‘family number telephone numbers (sic) used in the last five years’ biometrics – face, fingerprint, DNA, and iris business telephone numbers used in the last five years business email addresses used in the last ten years. All these travellers will now have to use an app provided by CBP (‘CBP Home’) and an app for their ESTA application (‘ESTA Mobile App’). The ESTA website is being decommissioned. The ‘CBP Home’ mobile app will be used by people to provide biometric proof of their departure, to ‘close the information gap’. The app will disclose the user’s location once they have left the U.S. and run a liveness detection on the selfie photo.

🇺🇸🚫 So many people are going to stop visiting the United States, if this comes to pass... I'm imagining I'm going to be speaking virtually rather than in real-life a lot more. I do hope conference organisers move their events to Canada🇨🇦 or Europe🇪🇺.

www.privacyinternational.org/news-analysi...

just occurred to me that this could be an extinction-level event for facebook, like consider:

• everybody hates you, mark
• the only reason anybody still uses facebook is because everybody else still uses facebook
• if you nuke critical information, people are gonna start congregating elsewhere

WhatsApp is rolling out a new stricter security setting to protect users from cyber attacts | TechCrunch Days after Meta was sued over alleged false privacy claims surrounding its chat app WhatsApp, the company has rolled out a new setting to protect users

The same week that Meta was sued over claims that employees can access WhatsApp chat messages, WhatsApp rolls out a stricter security setting meant to protect users from government surveillance malware. techcrunch.com/2026/01/27/w...

It's like nobody learned anything from off-shoring at all, and now we get to watch them speedrun all the same lessons.

Typescript is probably not the best example of "interpreted" ;-)

I might argue that they're forced into being better about this because the tool (LLM code generators) are so much worse.

That's kinda my point. We're treating LLMs like compilers that we don't trust to produce correct compilations, and what does that say about how well they actually work?

I think that a question people should be asking is, "If we're going to write specs at this level of detail, why doesn't the LLM just produce a binary rather than an intermediate code artifact?"

It feels like management has collectively said "Remember how well offshore contractors worked for producing quality maintainable software? Let's do that again, but even moreso"

City of Port Moody ceases use of X due to ethical concerns over harmful content, plans shift to Bluesky – Tri-Cities Dispatch Creative Commons image / 4.0 International The City of Port Moody is the latest in a long list of institutions to flee the social media platform X, On Jan. 13, council unanimously voted to…

The City of Port Moody is the latest in a long list of institutions to flee the social media platform X, formerly known as Twitter.

Read more in the Tri-Cities Dispatch: buff.ly/c1CgQXZ

#PortMoody #TriCitiesDispatch

Random Tanya Thoughts on Video: securing vibe coded apps built by non-software engineers. How do we handle that?????
https://twp.ai/9PZGf1

TamaGo AMD SEV-SNP support is now tested on physical servers.

This is a networked pure Go UEFI unikernel, launched under QEMU with AMD SEV-SNP, obtaining an attestation report and performing its online verification.

Transparent, reproducible, pure Go Confidential VMs!

Several Canadian news orgs have already left X, but I believe @pressprogress.ca may be the first to adopt a policy setting standards around use of digital platforms

We think it's time news orgs stop prioritizing clicks and start requiring higher standards from these platforms

B.C. Attorney General 'deeply disturbed' by social media giant X's intimate image case | CBC News British Columbia's Attorney General says she's "deeply disturbed" that the social media company X has filed a legal challenge against an order to remove a non-consensual intimate image from the intern...

The Canadian government is well aware that their proposed "solution" will be completely ineffectual, because we've already seen it play out that way with a similar provincial law in BC.

www.cbc.ca/news/canada/...