I’ve been chuckling about this story that’s been doing the rounds on social media - someone managed to get a MarryBrown ordering kiosk at Melbourne Central to display feet pics instead of the usual menu. While the whole thing is admittedly pretty amusing, it’s also got me thinking about just how shocking the state of retail technology security really is.

The incident itself seems relatively harmless - no property damage, nothing explicitly inappropriate, and easily fixed. But what struck me most was reading through the comments from people who clearly know their way around these systems. Apparently, it wasn’t even a proper “hack” in the traditional sense. These kiosks are running ancient versions of Android, so old they’re probably still named after snacks. The ordering app crashes regularly, dumping users back to the home screen where they can essentially do whatever they want.

I’ve been scrolling through some tech discussions lately, and there’s one that’s been sitting with me for a while. It’s about a developer who’s been running game servers without downtime since 2016 - that’s over eight years of continuous uptime. The post sparked quite the debate, and honestly, it’s got me thinking about our relationship with uptime and what it says about our industry culture.

The original poster was clearly proud of their achievement, using the flexing muscle emoji and everything. But the responses were… well, let’s just say they were mixed. Some folks were impressed, others were horrified, and a few were just plain confused about how someone managed to pull this off without regular reboots.

Scrolling through tech news this morning, I came across something that made me both hopeful and deeply frustrated at the same time. Google’s rolling out a new feature in Android 16 that can detect fake cell towers - those sneaky “stingray” devices that law enforcement and other actors use to intercept your phone communications. On one hand, it’s brilliant that our phones might finally warn us when we’re being spied on. On the other hand, the fact that we need this protection at all says everything about the surveillance state we’re living in.

I’ve been mulling over a question that popped up in one of the tech communities I follow recently, and it’s one of those deceptively simple queries that actually opens up a fascinating discussion about security practices. Someone asked why using a reverse proxy is considered safer than directly exposing service ports, and honestly, their follow-up question was spot on: “Doesn’t it just bump the problem up a level?”

The question really resonated with me because it touches on something I see all the time in my DevOps work – people implementing security practices without fully understanding the underlying principles. It’s like following a recipe without knowing why each ingredient matters. Sure, you might end up with something edible, but you won’t know how to adapt when things go sideways.

Yesterday’s announcement about Gmail’s end-to-end encryption had me rolling my eyes harder than when my daughter tries to convince me TikTok is perfectly safe. Google’s latest attempt to appear privacy-conscious feels about as genuine as a $3 note.

Let’s be crystal clear about what’s happening here. This isn’t true end-to-end encryption (E2EE) being offered to regular Gmail users. Instead, it’s a corporate-focused feature specifically designed for Google Workspace customers who actually pay for their services. The reasoning isn’t hard to follow - Google’s bread and butter comes from scanning our emails to feed their advertising machine.

The recent revelation about Motorola’s ALPR systems leaking live video feeds and vehicle data has got me thinking about the surveillance state we’ve sleepwalked into. Sitting in traffic on Hoddle Street this morning, I found myself counting the number of cameras pointing at my car - traffic cameras, security cameras, and who knows what else.

Remember when we thought automatic number plate recognition was just about catching unregistered vehicles and toll dodgers? Those were simpler times. Now we’re learning that in just 20 minutes, one of these systems in Nashville captured data from nearly 1,000 vehicles. That’s not just license plates - we’re talking about detailed information about vehicle makes, models, and even photos.