Posts on Axel Segebrecht

Why Modern Cars Are a Security Liability — And What I’m Buying Instead

Wed, 13 May 2026 00:00:00 +0000

Modern cars are full of features I genuinely love. They’re also full of security risks I can no longer ignore.

Let me start with the case for the modern car, because there is one and it’s strong.

When I drove the very first generation Nissan Leaf, it felt like a glimpse of the future. I could pre-heat the cabin from my phone before walking out the door on a cold January morning. I could check from a meeting room that I’d actually locked it. I could find it in a multi-storey car park whose floor I’d forgotten. A modern EV adds adaptive cruise control that holds a safe distance on the motorway, blind-spot monitoring that quietly nudges you when there’s a cyclist alongside, 360-degree cameras that turn parallel parking into a non-event, lane-keep assist that catches the moments your concentration didn’t, and the warming and cooling pleasures of heated and ventilated seats.

The Only Mythos Question That Matters — And Why You Can’t Trust the Answer

Sun, 19 Apr 2026 00:00:00 +0000

The hype cycle, in miniature

On 26 March 2026, Fortune reported that Anthropic had inadvertently left a draft blog post in an unsecured, publicly searchable data cache. The draft described an unreleased model called Claude Mythos as the most powerful model the company had ever built, and warned it would enable a wave of models capable of exploiting vulnerabilities faster than defenders could keep up.

Twelve days later, on 7 April, Anthropic made the announcement official. Mythos Preview, they said, had autonomously discovered thousands of zero-day vulnerabilities across every major operating system and web browser. Rather than release it, they launched Project Glasswing — a restricted consortium of twelve launch partners including AWS, Apple, Google, Microsoft, CrowdStrike and NVIDIA, plus around forty additional critical-infrastructure organisations, backed by $100 million in usage credits.

Ditch WhatsApp and Discord: Private Alternatives That Don't Harvest Your Data

Tue, 24 Mar 2026 08:50:00 +0000

Your messages might be encrypted, but that doesn’t mean they’re private.

If you’re using WhatsApp, Discord, Slack, or Instagram DMs, you’re trusting corporations with your conversations — corporations that have a track record of sharing your data, harvesting your metadata, or quietly rolling back the privacy features you thought you had. It doesn’t have to be this way. There are genuinely private, open source alternatives that are easy to set up and don’t cost you your privacy.

Age Verification Isn't About Safety — It's About Data Harvesting

Mon, 23 Mar 2026 00:00:00 +0000

Every time you’re asked to verify your age online, someone profits — and it isn’t you.

You’ve probably noticed it. More and more websites, apps, and platforms are demanding you prove who you are before you can use them. It feels like a safety measure. It sounds reasonable. But the truth behind the global push for age verification has very little to do with protecting children — and everything to do with money.

How to Use AI in Your Business Without Losing Control

Tue, 17 Mar 2026 10:00:00 +0000

AI can genuinely help your business — but only if you adopt it on your terms, not theirs.

Every week I speak to business owners who are either rushing headlong into AI automation or avoiding it entirely out of fear. Both extremes are risky. The smart approach sits somewhere in the middle: use AI deliberately, keep it sandboxed, and never hand over the keys.

The Rug Pull Is Coming

Let’s talk about the elephant in the room. The frontier models — Claude, ChatGPT, Gemini, Copilot and the rest — are currently priced to gain market share, not to turn a profit. Even OpenAI’s CEO admitted they’re losing money on their $200-per-month Pro subscriptions. This is the same playbook we’ve seen with every major tech wave: offer it cheap or free, get people hooked, then raise prices once switching costs are too high.

Autonomous Robots Are Already Here — Who's Really in Charge?

Fri, 13 Mar 2026 12:00:00 +0000

AI-powered machines are delivering your parcels, fighting wars, and running your supply chain. But as hostile states embed backdoors in the hardware that powers them, the real question isn’t whether autonomous systems can be turned against us — it’s whether we’d even know until it was too late.

The Battlefield Has Come Home

Not long ago, the idea of AI-guided machines making life-or-death decisions on the battlefield felt like the stuff of science fiction. Today, it is documented reality. AI-guided drones are killing people in Ukraine right now — a fact confirmed by Russian technical experts themselves, who acknowledge that autonomous drones determining their own targets are already in combat. And the security implications of that shift do not stop at the front line.

Why Microsoft Is Becoming a Security Liability

Sat, 21 Feb 2026 00:00:00 +0000

Something has shifted with Microsoft, and not in a good way. What was once a straightforward productivity suite that you bought, installed, and owned has quietly transformed into something far more concerning. If you have not noticed the changes yet, you will soon, and they have real implications for your business.

From Office to confusion

Microsoft has rebranded its familiar Office apps into something called Microsoft 365 Copilot. If that name sounds confusing, you are not alone. There are now two apps on the app stores with almost identical names, and when you visit office.com you are greeted by a completely different interface to what you are used to. For anyone who just wants to open their laptop and get on with their work, this has caused genuine frustration.

My Top Censorship-Busting Tools: Stay Private Online

Wed, 18 Feb 2026 22:06:00 +0000

My Top Censorship-Busting Tools: Stay Private Online

A quick note before we dive in: this post is for informational purposes only. I am not advising you to circumvent censorship laws in your country. Many of these tools are open source and publicly available — whether or not they are legal where you are is something you need to check yourself. Stay safe.

This post is a follow-up to Why Censorship Doesn’t Work — and Australia’s Social Media Ban Proves It. If you have not read it yet, it gives useful context for why these tools matter. Let’s get on with the article.

Why Censorship Doesn't Work — And Australia's Social Media Ban Proves It

Tue, 17 Feb 2026 10:00:00 +0000

Australia’s social media ban for under-16s came into effect in late 2025, and barely two months in, it’s already falling apart. Platforms have removed 4.7 million accounts — but teens are finding ways around the restrictions just as fast. That’s exactly what happens every time governments try to control what people do online. I want to share why I believe censorship is fundamentally broken, and what we should be doing instead.

Banning Teens from VPNs and Social Media Won't Protect Them

Mon, 16 Feb 2026 10:00:00 +0000

The UK government wants to ban under-16s from social media and VPNs. On paper, it sounds like a sensible move to protect children. In practice, it’s completely useless — and here’s why.

A Ban That Misses the Point

Let’s start with the obvious: most teenagers know more about technology than their parents. And, frankly, more than most of the politicians debating these laws. A VPN — short for Virtual Private Network, which is basically a tool that creates a private, encrypted tunnel for your internet traffic — is something a moderately clued-up teenager can set up in minutes. Banning it won’t stop them using it. It’ll just push the whole thing underground.

Why I'm Moving My Websites from WordPress to Hugo

Sun, 15 Feb 2026 21:00:00 +0000

I’ve made the switch. After years of running my websites on WordPress, I’ve moved them over to Hugo — and I think you should at least consider doing the same. Let me explain why.

So What Actually Is Hugo?

Hugo is what’s known as a static site generator. In plain English, that means it builds your entire website in advance as a collection of simple files — no databases, no server-side processing, no moving parts. You write your content, Hugo turns it into a website, and that’s it. Done.

Introducing Static Host UK — Privacy-First Website Hosting, Built in Britain

Sun, 15 Feb 2026 20:00:00 +0000

Static Host UK is live — free, GDPR-compliant static site hosting with built-in analytics and form processing, all on UK infrastructure. No cookies, no US cloud providers, no nonsense.

I’ve been banging the drum about technical sovereignty and privacy for years now. Today I’m putting my money where my mouth is. I’m thrilled to announce the launch of Static Host UK — a hosting platform built from the ground up to do things properly.

Is Your Neighbour's Security Camera a Risk to You?

Sat, 14 Feb 2026 12:00:00 +0000

You probably don’t think twice about the little camera above your neighbour’s front door. It’s there to catch parcel thieves and keep an eye on things when they’re away, right? But what if that innocent-looking doorbell camera is quietly recording you, learning your routines, and — worst case — giving a bad actor a window into your daily life?

It’s a question worth asking, especially after Ring’s recent Super Bowl ad kicked off a proper storm about home surveillance.

Private Security Isn't Just Bodyguards — Your Digital Life Needs Protection Too

Mon, 09 Feb 2026 17:01:46 +0000

When you think of private security, you probably picture close protection officers, armoured vehicles, and someone scanning the crowd while you walk to your car. That’s the physical side, and it’s important. But in the digital world, things are a lot hotter — and a lot harder to protect.

If you’ve got something to lose, whether that’s wealth, a business, sensitive deals, or simply your privacy, then your cyber security needs to be taken just as seriously as the bloke standing at your front gate.

What if Everyone Could Vote on Everything?

Mon, 09 Feb 2026 17:01:46 +0000

Imagine a world where politics isn’t about politicians — it’s about people. Where the rules are few, the power is shared, and technology does the heavy lifting to keep things fair. Sound far-fetched? Maybe not.

Less Rules, More Freedom

The starting point is simple: you should be free to live your life however you choose, as long as you’re not hurting anyone else. We still need rules to stop dodgy builders cutting corners or people getting away with dangerous behaviour. But beyond that? Less is more.

Is AI Making Cybercrime Easier? The Rise of the Instant Hack

Tue, 03 Feb 2026 10:42:00 +0000

Since the launch of ChatGPT—and arguably even before it became a household name—the world of digital security has shifted on its axis. We are currently living through what I often call the most dangerous era for cybersecurity. While global tensions play their part, the staggering rise of AI as a hacking tool is the real game-changer. It has turned what was once a craft into a high-speed assembly line.

From ‘Hand-Crafted’ to High-Speed

In the old days (which, in tech terms, was only a few years ago), a successful hack was a long, laborious process. It was essentially a complex software development project. You needed a team of researchers, hackers and analysts working in tandem for weeks or even months. They had to manually scout a target, find a tiny crack in the armour, and then carefully build a bespoke plan to get inside.

The Rise of Open Claw - Brilliant Bot or Security Nightmare

Mon, 02 Feb 2026 19:10:00 +0000

Explore Open Claw (aka Clawd Bot, aka Molt Bot): the powerful local AI agent. Learn how it works, why a “bot social network” called Moltbook went viral, and how to stay secure while testing it.

It’s been a wild week in the world of AI. If you’ve been scrolling through tech Twitter (nay X) or Reddit lately, you’ve likely heard the buzz surrounding Open Claw (previously known as Clawd Bot or Molt Bot). It is a genuinely impressive tool that lets you run a personal AI assistant directly on your own computer.

Event: Axel talks about AI-Powered Cyber Threats at Biztech Roundtable

Thu, 29 Jan 2026 22:49:07 +0000

In the world of cybersecurity, the barrier to entry for criminals has effectively collapsed. While tools like ChatGPT and Claude are revolutionising our productivity, they are also handing bad actors a massive upgrade. From grammatically perfect phishing emails to sophisticated deepfake impersonations, the threats facing small businesses in 2026 are more convincing—and more dangerous—than ever.

I’ve been tracking these developments closely, noting a disturbing 3,000% surge in deepfake fraud and a massive spike in credential-stealing malware. For small businesses, the risk is no longer theoretical; it’s a matter of when, not if, you will be targeted.

Beyond the “Click”: Why Digital Hygiene is Your Best Weapon Against AI Phishing

Sat, 24 Jan 2026 10:30:00 +0000

Protect your SME from AI-driven scams. Learn how digital hygiene, passkeys, and robust password managers build a defensive shield against modern cyber threats.

In my last article, we looked at Defence in Depth—the idea of building an “onion” of security around your business. But there is a critical ingredient to that defensive posture that often gets overlooked: Digital Hygiene.

AI-Powered Cyber Threats: Why Your Small Business Needs to Wake Up Now

Fri, 23 Jan 2026 11:37:00 +0000

AI-powered cyber threats are targeting small businesses. Learn how deepfake scams, AI phishing, and credential theft work—and how to protect your company.

Look, I’m not trying to scare you, but we need to talk about something that’s fundamentally changed the cybersecurity landscape in the past couple of years. AI tools like ChatGPT and Claude? They’re brilliant for legitimate work. But they’ve also handed criminals a massive upgrade.

KEY FACTS AT A GLANCE

The Scale of the Threat:

Deepfake fraud incidents surged by 3,000% in 2024 [4]
84% increase in phishing emails delivering credential-stealing malware [2]
Deepfake creation services now available for $60-$500 per video [1]
Face-swapping tools range from free to $249/month subscriptions [1]

Real-World Impact:

Hong Kong company lost $25 million to a deepfake video call scam [1]
30% of all cyberattacks in 2024 used stolen credentials as entry point [2]
70% of cyberattacks targeted critical infrastructure organisations [2]

The Barrier to Entry Just Collapsed

Here’s the thing: you used to need serious technical skills to create convincing malware or phishing campaigns. Not anymore. There are literally prompts floating around the dark web that let anyone describe what they want in plain English, and boom—you’ve got semi-targeted malware. IBM’s X-Force report confirms that attackers are now using AI to craft grammatically flawless phishing emails, clone websites for credential harvesting, and even assist with malware code generation [2]. The floodgates haven’t just opened; they’ve been blown off their hinges.

The Power of Compartmentalisation

Fri, 16 Jan 2026 12:05:14 +0000

Stop mixing business with pleasure. Learn how digital compartmentalisation protects your family photos and business data from hackers and compliance risks.

As an entrepreneur or freelancer, your brain is effectively always “on.” But just because your thoughts are a constant mix of business and pleasure doesn’t mean your digital life should be. In the security world, we call the solution to this overlap compartmentalisation.

Think of your digital life like your home. You wouldn’t leave a collection of vintage knives on the floor of the playroom, would you? You put things in specific rooms and lock the ones that need protecting. Digital compartmentalisation is the same—it’s about putting your work life, your personal life, and your hobbies into separate “boxes” so a mess in one doesn’t ruin the others.

Data Minimisation Audit: A Checklist for Businesses

Mon, 12 Jan 2026 13:06:00 +0000

Streamline your security posture with our Data Minimization Audit Checklist. Learn how to identify “liability data,” audit third-party trackers like Facebook Pixels, and reduce your regulatory risk by collecting only the customer information you truly need.

Before you collect your next data point, run through this audit to ensure you aren’t inadvertently building a “liability time bomb.”

1. The “Purpose” Pressure Test

[ ] Identify the “Why”: For every piece of PII (Personally Identifiable Information) collected, can you name the specific business process it supports?
[ ] Challenge the “Just in Case” Mentality: Are you collecting data for a feature you might build in three years? If so, stop.
[ ] Regulatory Alignment: Does the collection of this data point strictly comply with GDPR/CCPA “purpose limitation” principles?

2. Technical Footprint Review

[ ] Tracker Audit: Inventory all third-party scripts (Facebook Pixels, LinkedIn Insights, Google Analytics). Are they capturing form data they shouldn’t be?
[ ] Automated Deletion: Do you have “Time to Live” (TTL) settings on logs and temporary customer profiles?
[ ] Anonymization: Can the marketing team get the insights they need from aggregated/anonymised data rather than individual user records?

3. Data Sensitivity Scan

[ ] The Birthday Test: Do you actually need a user’s exact Date of Birth, or just a confirmation that they are “Over 18”?
[ ] Location Scrutiny: Do you need a precise home address, or just a post code for regional demographics?
[ ] Proxy Acceptance: Does your system allow users to use email aliases or VoIP numbers, or are you forcing “real” identity markers?

4. Competitive & Breach Preparedness

[ ] The “Headline” Test: If this specific database were leaked tomorrow and appeared on a dark web forum, how much damage would it do to your customers’ lives?
[ ] Access Control: Is the collected data accessible to the whole company, or is it restricted to only those who need it for the “Purpose” identified in step 1?

Find out more about why capturing less data can be better for your business.

The Liability of Knowledge: Why Data Minimisation is Your Best Defence

Sun, 11 Jan 2026 15:36:33 +0000

Data is a liability, not just an asset. Learn why “knowing less” about your customers through data minimization can protect your business from catastrophic breaches, regulatory penalties, and spear-fishing attacks.

In the modern gold rush of digital marketing, “data is the new oil” has become a tired cliché. Sales and marketing teams are under constant pressure to harvest every scrap of user behavior, from browsing habits to home addresses, in a bid to optimize conversion. But from a security perspective, this massive data harvesting isn’t an asset—it’s a catastrophic liability.

The Onion Strategy: How SMEs Can Build a Bulletproof Defence in Depth

Tue, 06 Jan 2026 08:49:03 +0000

Protect your SME with the “Onion” strategy. Learn how DNS filtering, endpoint security, and the 3-2-1 backup rule create a multi-layered defence against hackers.

If you run a small business or work as a freelancer, you’ve likely heard the term “cybersecurity” and felt a mild sense of dread. It sounds expensive, technical, and frankly, a bit like something that only happens to giant corporations.