Articles
Writing on cloud infrastructure, digital sovereignty and open systems.
- Two pipelines, one drift — how Norway is engineering the warrant out of digital intrusion The Norwegian Tax Administration copies whole phones in tax audits. DSOP-Politi pulls ten years of bank data in seconds. Neither pipeline has a court in the loop at the intrusion.
- Telia's typo explanation raises bigger telecom-trust questions Telia now explains the location-data exposure as a configuration error: P-Access-Network-Info became P-Access-Network-Id. That may explain the mechanism. It does not explain why sensitive cell-level context was allowed to cross a telecom trust boundary.
- The telecom trust-boundary problem is now mainstream LinkedIn News highlighted my telecom privacy post as an Editors’ Pick. The bigger story is why Citizen Lab, TechCrunch, Ofcom and the Telia Norway case all point to the same infrastructure trust-boundary problem.
- Russia isn't censoring the internet. It's redesigning dependence. Russia is not blocking the internet. It is engineering a new kind of dependence — where state-approved services stay available and the open world becomes friction. Here is how that architecture works, and why it is more effective than a blackout.
- Your fonts are probably still a hyperscaler dependency Most sites still fetch fonts from third parties by default. That creates external calls, metadata exposure and one more dependency you do not really control.
- Why signaling leaks are the hardest class of failures to detect Why some of the most persistent data exposures happen when systems behave exactly as designed — and why they are so difficult to detect.
- Telia: Location data leaked through telecom signaling A Telia case revealed how standard SIP signaling exposed location data during call setup — not through hacking, but through normal system behavior.
- When regulation meets encryption in modern cloud systems Cloud infrastructure is built on encryption and non-access by design. This analysis explores why proposed CSAR measures may conflict with that model — and what it means for security and responsibility.
- Surveillance and security: the architectural paradox Security and surveillance cannot coexist without architectural consequences.
- Metadata and digital identity: mapping behavior without content Metadata alone can reveal identity, behavior and relationships — without accessing content.
- Presenting digital HC cards at DNB — Identity Day Norway Presenting a digital HC card solution at DNB Identity Day Norway, and what it revealed about public sector digitalization.