Practical guides, honest opinions, and hard-earned lessons from a quarter century at the coalface of Australian IT.
All Posts
Andrej Karpathy coined the term in February 2025. We've spent the year since building real things with AI coding tools — and the honest answer is more nuanced than either the hype or the backlash suggests. Where it genuinely helps, where it fails badly, and what it means for the future of IT work.
Zero Trust has become one of those IT terms that gets thrown around at every security conference and vendor pitch. Beneath the marketing, there's a genuinely useful framework — and you don't need an enterprise budget to start applying it. We break down what it actually means in practice: MFA, least privilege, network segmentation, and application-level access.
Every business thinks they have backups until they actually need them. After 25 years of incident response, we've seen every failure mode. RAID is not backup. Untested backups are not backup. We cover the 3-2-1 rule, RPO vs RTO, the mistakes we see over and over, and a practical stack for SMBs that's either free or very low cost.
After years of "cloud first" evangelism, a growing number of businesses are quietly bringing workloads back in-house. We share what we self-host — Forgejo, Nextcloud, Vaultwarden, Uptime Kuma — what we deliberately don't, and an honest account of the operational trade-offs for SMBs considering the same path.
Topics
25 years of specialisation means there's a lot to cover.