KevHQ

Howya.

I’m Kev. A software + DevOps engineer, traveler, Bitcoiner, and builder of fast, secure, low-maintenance things.

This site is an unapologetic home for my passions: projects, writing, adventures and whatever else fits.

Read the blog Winging it on Wheels

What’s here

About: who I am in 60 seconds.
Writing: essays, notes, thoughts and ideas.
Projects: tools and code I’ve shipped (WIP).
Adventures: trips, tours, and misadventures.
Now: what I’m focused on today.
Colophon: performance, security, and design details.
Contact: say hi or work together.

Latest post

CVE-2026-33306: bcrypt on JRuby is broken at cost=31

I found my first CVE. A signed integer overflow in bcrypt-ruby's Java backend causes cost=31 to skip all 2 billion key-strengthening rounds. The hash looks valid but protects nothing.

Mar 22, 2026