The Internet is weak, it is broken, and we are not doing anything to fix it.

The Internet can be affected by natural disasters, wars, governments, and surveillance.

It is running out of address space and the internet service providers are not incentivized to fix it.

Mesh networks, using the IEEE standard 802.11s, may one day provide a more robust and resilient infrastructure.

IEEE 802.11s makes mesh networks a reality for users who otherwise would never have been able to set up such a distributed network.

Applications like cjdns are making it easier than ever to create secure wireless mesh networks among communities.

This paper will look at the system costs associated with using cjdns.

How much performance are we willing to sacrifice for ease of use and security?

Published on 10 May 2017 at 12:00AM.

I'm excited to be speaking at JFrog's swampUP conference in May.

I'll be speaking on using Xray and Artifactory to produce secure containers.

Avoiding known security vulnerabilities in prod, providing the US Gov with a complete Bill of Materials, and ensuring compliance with copyright laws do not need to be scary.

A brief case study in how to use JFrog products to support missions and developers around the globe.

Published on 30 Apr 2018 at 12:00AM.

I defended my dissertation proposal at the University of Colorado at Colorado Springs. My research focuses on supply chain security threats in open source software.

We are heading for a perfect storm, making open source software poisoning and next-generation supply chain attacks much easier to execute, which could have major implications for organizational security postures.

99% of modern software contains open source components, and supply chain attacks have increased 430% annually according to Sonatype.

Published on 10 Nov 2020 at 12:00AM.

I published a research paper titled "Continuous Verification of Open Source Components in a World of Weak Links" available through IEEE.

The paper addresses security risks in open source software, noting that 99% of today's software utilizes open source. These next-generation supply chain attacks have increased 430% in the last year.

The work presents six continuous verification controls that enable organizations to make data-driven decisions and mitigate breaches. In case studies, the controls identified high levels of risk immediately even though the package is widely used and has over 7 million downloads a week.

Published on 16 Jan 2023 at 12:00AM.

We just finished the Spring 25 semester at UCCS, and I am proud of my students who built some excellent applications in our Advanced Software Engineering course. Students shipped production-ready, AI-enhanced web apps—from a smart to-do list to a plant-ID game—using Django, external APIs, and CI/CD pipelines to identify code coverage metrics, code smells, and security vulnerabilities. Each team acted as a customer group for one group and a development group for another. They learned about full-stack development, cloud deployment solutions, agile methodologies, and teamwork, turning real-world problems into user-focused solutions.

Published on 10 May 2025 at 12:00AM.