Tomorrow (November 18) at 1PM, I'll be in Concord, NH at Gibson's Books, presenting my new novel The Lost Cause, a preapocalyptic tale of hope in the climate emergency.
On Monday (November 20), I'm at the Simsbury, CT Public Library at 7PM
Last April, Propublica's Joshua Kaplan, Justin Elliott and Alex Mierjeski dropped a bombshell: Supreme Court Justice Clarence Thomas had been showered in high-ticket "gifts" by billionaire ideologue Harlan Crow, who subsequently benefited from Thomas's rulings in the court:
This was just the beginning: in the coming days and weeks, more and more of Thomas's corruption came to light, everything from the fact that his mother's home had been bought by Crow, to the fact that Thomas's adoptive son went to a fancy private school on Crow's dime:
The news was explosive and not merely because of the corruption it revealed in the country's highest court. The credibility of the court itself was at its lowest ebb in living memory, thanks to the two judges who occupied stolen seats – Kavanaugh and Coney Barrett. One of those judges – Kavanaugh – is a credibly accused rapist. Thomas is also a credibly accused sexual abuser:
Then, this illegitimate court went on to deliver a string of upsets to long-settled law, culminating in the Dobbs decision, which triggered state laws that force small children to bear their rapists' babies:
That was the context for the Thomas bribery scandal, which was swiftly joined by another bribery scandal, involving Samuel Alito's improper acceptance of valuable gifts from Paul Singer, another billionaire who brought business before the court:
This string of scandals and outrages naturally prompted public curiosity about the Supreme Court's ethical standards, and that triggered fresh waves of incredulous outrage when we all found out that the Supreme Court doesn't have any:
When Congress made tentative noises about providing minor checks and balances on the court, the justices erupted in outrage, telling Congress to go fuck itself:
Chief Justice Roberts went on whatever the opposite of a charm-offensive is called (an "offense offensive?"), a media tour whose key message to the American people was "STFU, you're hurting our feelings":
To the shock of no one except billionaires and Supreme Court justices inhabiting the splendid isolation from societal norms that is the privilege of life tenure, America didn't like this. The Supreme Court's credibility plummeted. A large supermajority of Americans – 79%! – now support age limits for Supreme Court justices:
Support for packing the Supreme Court is at an historic high and gaining ground, now sitting neck-and-neck with opposition at 46% in favor/51% opposed. Among under-30s, there's a healthy majority (58%) in favor of appointing more SCOTUS justices.
As Roberts' wounded bleats reveal, SCOTUS is very sensitive to its plummeting legitimacy. After all, the court doesn't have an army, nor does it have a police force. Supreme Court rulings only matter to the extent that the American people accept them as legitimate and obey them. Transformational presidents like Lincoln and FDR have waged successful wars against the Supreme Court, sidelining its authority and turning it into an unimportant rump institution for years afterward:
Now the Supremes are working their way through the (mythological but convenient) five stages of grief. Having passed through Denial and Anger, they've arrived at Bargaining, with the publication of the court's first "code" "of" "conduct":
It's…not good. As Max Moran writes for The American Prospect and The Revolving Door Project, the proposed code amounts to "security theater," a set of trivially bypassed strictures that would not have prevented any of the scandals to date and will permit far worse in the years to come:
The security framing is a very useful tool for evaluating the Supremes' proposal. The purpose of a code of conduct isn't merely to prevent people from accidentally misstepping – it's to prevent malicious parties from corrupting the judicial process. To evaluate the code, we should red team it: imagine what harms a corrupt judge or a corrupting billionaire would be able to effect while staying within the bounds the code sets.
Seen in that light, the code is wildly defective and absolutely not fit for purpose. Its most glaring defect is found in the nature of its edicts – they are almost all optional. The word "should" appears 53 times in the document, while "must" appears just six times:
Of those six "musts," two are not pertinent to ethical questions (they pertain to the requirement for a justice to get prior approval before getting paid for teaching gigs).
When the code of conduct was rolled out, the court and its apologists pointed out that it was modeled on the ethical guidelines that bind lower courts. In the wake of the Thomas revelations, these guidelines were a useful benchmark to measure Thomas's conduct against. The fact that other federal judges would have been severely sanctioned or even fired if they had engaged in the same conduct as Thomas was a powerful argument that Thomas had overstepped the bounds of ethical conduct.
But as Bloomberg Law discovered when they compared the lower courts' codes to the Supremes' draft, the Supremes have gone through those lower court codes and systematically cut nearly every mention of "enforce" from their own draft. They also cut the requirement to "take appropriate action" if a violation is reported.
If you are a bad judge or a bad donor, all of this is good news. Nearly everything that it condemns is merely optional, which means that if a judge can be convinced to ignore a rule, they won't have violated the code. What's more, even widespread rulebreaking doesn't trigger an investigation. That's a very weak security measure indeed.
But it gets worse. The Supremes' code also omit key definitions found in the codes that bind the lower courts. The most important definition to be cut is for "political organization," which the lower courts define expansively as both parties and "entit[ies] whose principal purpose is to advocate for or against political candidates or parties." That definition captures "nonprofits, think tanks, lobbying firms, trade associations, grassroots groups" – the whole panoply of organizations whom federal judges must maintain an arm's length distance from in order to preserve their objectivity. Federal judges may not lead, speak at or donate to these organizations.
By omitting this definition, the Supremes open the door to involvement with precisely the kinds of PACs, thinktanks and other influence organizations funded by the billionaires who have benefited so handsomely from the judges' rulings.
What's more, the Supremes carve out an explicit exemption for speaking to "nonprofits, think tanks, lobbying firms, trade associations, grassroots groups," and to serving as a director, trustee or officer of "a nonprofit organization devoted to the law, the legal system, or the administration of justice and may assist such an organization in the management and investment of funds."
As Moran points out, this exemption would cover – among other institutions – the far-right Federalist Society, which satisfies all those criteria. That means a Supreme Court justice could sit on the board and raise funds for the FedSoc without raising any issues with this code – not even one of those squishy "shoulds." Nothing in this code would stop Clarence Thomas or Thomas Alito from accepting lavish gifts, private jet rides, or luxury tour buses from billionaires with business before the court:
As Moran writes, these definitional vacuums are a well-understood class of weaknesses in ethics codes. Congress gets a lot of mileage out of this ruse – for example, by narrowly defining "lobbying" to exclude things that most people understand that term to mean, Congress engage in improperly close relations with lobbyists while still maintaining that they hardly ever talk to a lobbyist at all:
The same ruse goes for campaign contributions – if you want to accept a lot of campaign contributions that would fall afoul of ethics rules, just narrow the definition of "campaign contribution" until all the money you're receiving no longer qualifies.
Moran closes by calling on Congress to formulate a real, meaningful code of conduct for the Supremes, one that orders Supreme Court judges not to accept corrupting gifts and to maintain the arm's length neutrality that the rest of the federal judiciary is required to keep. Rather than this new code of conduct constituting proof that SCOTUS can be its own oversight, its gross deficiencies should put to rest any question about whether the Supremes can be trusted to regulate themselves.
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
Hack-Tools v0.3.0 - The All-In-One Red Team Extension For Web Pentester
Hack-Tools v0.3.0 - The All-In-One Red Team Extension For Web Pentester #AllInOne #ChromeExtension #cybersecurity
The all-in-one Red Team browser extension for Web Pentesters
HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more.
With the extension you no longer need to search for payloads in different websites or in your local storage space, most of the tools…
Why Cybersecurity Is No Longer an IT Decision; It’s a Business Strategy
In 2025, the global average cost of a data breach was $4.44 million. In the United States alone, that number reached a record $10.22 million. And according to IBM, most organisations still take an average of 241 days to even detect a breach, meaning many are already compromised long before anyone in leadership knows about it.
These are not technology statistics. They are business statistics.
And yet, for most organisations, the conversation about cybersecurity still starts too late. After the breach. After the audit finding. After the client calls asking whether their data is safe.
By that point, the damage is not just technical. It is operational. It is reputational. And more often than not, it is entirely avoidable.
The organisations getting this right are not waiting for a crisis to force the conversation. They have made cybersecurity a boardroom priority, not because they were told to, but because they understood what was at stake before anyone else did.
That shift, from reactive to proactive, from IT function to business strategy, is what separates the organisations that survive a breach from the ones that do not recover from one.
The Server Room Is Not Where This Story Lives Anymore:
For a long time, cybersecurity had a very comfortable home. It sat in the background, managed by a small team, funded just enough to keep things running, and largely invisible to anyone above the middle management layer.
That model made sense in a different era. When systems were simpler. When the attack surface was contained. When the consequences of a breach were inconvenient rather than catastrophic.
That era is over.
Today, a single security incident can halt operations across an entire organisation. It can trigger regulatory investigations that run for months. It can erode customer trust that took years to build. It can shake investor confidence and impact the bottom line in ways that take years to recover from.
This is not a technology story. This is a business story.
What Actually Changed:
The shift did not happen overnight. It happened gradually and then all at once.
Businesses started scaling faster. Moving to cloud environments. Adopting third-party platforms. Building deeper integrations across their supply chains. Each of these decisions, made for entirely legitimate business reasons, quietly expanded the attack surface without anyone fully accounting for the risk.
At the same time, the threat landscape evolved. Today’s cyber threats are sophisticated, targeted and patient. They do not break down doors. They find the unlocked window you did not know existed.
And the regulatory environment caught up. GDPR. CERT-In frameworks. RBI cybersecurity guidelines. SEBI mandates. Regulators across the world made one thing very clear. Organisations are accountable for the security of their data and their systems. Full stop.
Cybersecurity stopped being the IT team’s responsibility. It became the board’s liability.
The Gap Nobody Talks About:
Here is the uncomfortable truth most organisations are sitting with right now.
There is a gap, sometimes a significant one, between what the leadership team believes is happening inside their security infrastructure and what is actually happening.
It is not intentional. It is not the result of negligence. It is the natural consequence of treating cybersecurity as a technical function rather than a strategic one.
When security conversations only happen at the operational level, the people making the biggest decisions about acquisitions, technology investments and market expansion are making them without full visibility into the risk they are carrying.
That gap is where the most expensive problems live.
What Leadership Ownership Actually Looks Like:
When we talk about cybersecurity becoming a boardroom conversation, we are not talking about CEOs learning to code or CFOs reading threat intelligence reports.
We are talking about something far more practical.
It means cybersecurity risk sits on the same agenda as financial risk, operational risk and reputational risk. It means the questions being asked at the leadership level go beyond “are we compliant?” to “are we genuinely resilient?” It means investment in security happens proactively, not reactively in the aftermath of an incident.
It means the CISO has a seat at the table. Not just a ticket to raise when something goes wrong.
Organisations that have made this shift do not just respond to threats better. They make smarter decisions across the board because they have an accurate picture of their risk at every level.
Proactive Is Not a Buzzword. It Is the Only Strategy That Works:
The organisations navigating today’s threat landscape with confidence are not the ones with the biggest security budgets. They are the ones asking the right questions before the problem arrives.
Is our infrastructure built for the scale we are operating at today, not three years ago?
Do we have genuine visibility into our third-party risk exposure?
Are we meeting our regulatory obligations or just checking boxes?
Has our security posture been stress-tested against the threats actually targeting our industry right now?
These are not technical questions. They are business questions. And they deserve to be answered at the business level.
The Bottom Line:
Cybersecurity has graduated.
It has moved from a line item in the IT budget to a core pillar of business resilience. From something that happens in the background to something that sits at the centre of how the most forward-thinking organisations operate.
The shift is not coming. It is already here.
The only question worth asking now is whether your organisation is leading that conversation or waiting for a crisis to force it.
At Code Decode Labs, one of the best cybersecurity companies, we believe cybersecurity is not a technical checkbox. It is a strategic imperative. One that every organisation, regardless of size or industry, deserves to get right.
Decoding Complex. That is not just our tagline. It is what we show up to do every day.
Code Decode Labs Unveils New Brand Identity on National Technology Day 2026
On 11th May 2026, National Technology Day, Code Decode Labs made an announcement that had been in the making for a long time — a complete brand identity refresh, featuring a new logo and a renewed commitment to the philosophy that has always driven us: Decoding Complex.
This is not just a design update. It is a declaration of where we stand, where we are headed, and what we believe great cybersecurity leadership looks like.
A Legacy Worth Evolving
Founded in 2010 by Sachin Ajit Singhai and Vishakha Sanjaykumar Singhai, IITians and Certified Cyber Experts, Code Decode Labs has spent over 15 years building one of India’s most trusted cybersecurity and technology consulting firms. With a presence across 5 Indian cities, operations spanning 30+ countries, partnerships with 50+ OEMs, and a track record of auditing 10,000+ organisations globally, we have never been a company that stands still.
We have discovered and reported over 10 lakh bugs and vulnerabilities. We have maintained a CSAT score of 98%. We have grown consistently at 35% year on year, earning the trust of 2000+ clients across the globe.
And now, we are taking the next step forward.
Why Now?
As Code Decode Labs grew — in scale, in depth, in global reach — we felt the brand needed to reflect a broader, bolder vision. The identity had to rise to meet the ambition. The brand had to say that clearly and confidently.
Rebranding is never a decision taken lightly. But when the work speaks this loudly, the brand must speak just as loudly. This rebrand was not about changing who we are. It was about making it impossible to miss who we are.
Finally Giving Our Tagline the Stage It Deserves
Decoding Complex has always been our tagline. But for a long time, it lived quietly in the background , present, but never truly introduced or explained.
Today, we change that.
Because those two words carry everything we stand for as a cybersecurity and technology firm.
Every threat has a pattern. Every challenge has a solution. Every complexity can be decoded. That is what we show up to do every single day. Whether it is a sophisticated cyberattack, a regulatory compliance challenge, or a deeply technical security problem, our answer has always been the same: we will decode it.
Decoding Complex is not just a tagline. It is our operating philosophy, our daily commitment, and our promise to every organisation that trusts us with their security.
Breaking Down the New Logo Design
Every element of the new Code Decode Labs logo was chosen with deliberate intent. Nothing is decorative. Everything means something.
The Octagon: The foundation of the new logo is an octagon, a shape that represents Structure, Precision, and Resilience. These are not just design principles; they are the three pillars of how we approach every cybersecurity engagement, every audit, and every threat assessment we deliver for our clients worldwide.
The Stripes: Running through the octagon are bold vertical stripes, representing data, code, and the layered complexity of the digital world, structured, organised, and decoded. In a world overwhelmed by cyber noise, we bring clarity. The stripes are a visual metaphor for exactly that.
The Brackets: At the very centre of the mark sit brackets, the universal language of programming and technology. Because at the core of everything Code Decode Labs does, we speak the language of technology fluently. It is not just our tool; it is our mother tongue.
Together, these three elements create a mark that is bold, minimal, and deeply meaningful, a logo that does not just look modern but tells a story.
Same Expertise. Stronger Identity.
A rebrand done right does not erase what came before; it elevates it. Our cybersecurity expertise has not changed. Our commitment to client success has not changed. Our team of security researchers, red teamers, compliance experts, and engineers — none of that has changed.
What has changed is how we show up. And in a digital-first world where brand perception shapes buying decisions, showing up with clarity and confidence matters more than ever.
We have always been trusted, and this new identity simply makes sure that trust is visible the moment someone encounters Code Decode Labs for the very first time.
A Day Worth Marking
National Technology Day commemorates India’s technological achievements and the spirit of innovation that drives them forward. There could not have been a more fitting day for Code Decode Labs to take this step.
This rebrand is a milestone. A marker that says: we have grown, we have evolved, and we are built for the next decade of cybersecurity challenges.
Because the best brands don’t just grow — they transform.
Explore our cybersecurity services and learn more about Code Decode Labs, one of the best cybersecurity company in India & USA at www.codedecodelabs.com