Iran clearly has not been defeated, and is in a better position than before the war.

American bases, now referred to as “Trump’s Sitting Ducks” are exposed as undefended. The most rare and expensive American intelligence assets have been destroyed by inexpensive Iranian drones using Chinese and Russian targeting systems. Stockpiles are exhausted, forcing America to claim it is the one suing for peace. The American allies are insulted and pivoting to other partners.

Notably, Trump had announced he would pull 12,000 troops from Germany in 2020. That didn’t happen so he’s now back again, saying he will pull 5,000 to make a political point. It’s really a confession that Trump just improvises punishment, to fake looking like a strong man, instead of coming up with any strategy. Germany knows history, and why Mussolini was never a good advisor.

“We really don’t need any advice from Donald Trump right now. He should see the mess he’s made. He should make sure that serious peace talks are now being held in Iran,” Klingbeil said at a Labor Day event in Bergkamen in the Ruhr region.

February 22 I explained the strategic bankruptcy that would land in failure. February 28 I explained the objectives couldn’t be reached. This was all entirely predictable because we know Trump business deals are about going bankrupt.

Trump Steaks. Trump University. Trump Vodka. Trump Airlines. Trump Mortgage. Trump Casinos six times. The man is still the same crook: announce some “dream” venture with maximum spectacle, extract value during operation, default on obligations, blame counterparties, walk away leaving creditors and partners holding the bag. The Iran war and the Germany posture are sovereign assets instead of the tacky branded merchandise nobody is buying.

Look at how American bases were built as forward projection, and used to have value. They now are embarrassing collateral Trump cannot defend or reposition. This is just like his casinos that he kept operating empty and silent past insolvency because admitting anything and closing them would crystallize his massive losses.

Saudi Arabia opening to Tehran? That’s huge. UAE hedging through Beijing? Trump is cooked. UK refusing the air bases for the strikes? Stunning. Merz saying Trump can’t handle the job? These are people who recognize the workout phase of Trump’s repeating reputation is about suckers getting sucked in. The bankruptcy filing is not worth waiting for. They are filing claims and diversifying because Trump is being a Trump.

No objective, no allies, no defensible posture, no authorization, no exit. The question is who absorbs all the Trump loss so he can carry on again claiming it was his greatest success. The pattern says it will be the same parties who absorbed the losses on every other Trump venture: workers, partners, taxpayers, and anyone who allowed his brand to run at face value. Of course he’s picking fights to maximize damage, like a dictator in decline, while pulling out and backing down.

Bankruptcy is how he loots a company. Dictatorship is how he loots a country. Same crook, bigger collateral, more tragic end.

Satellite imagery is revealing “unprecedented” destruction of U.S. military bases and equipment in the war with Iran.

At least 16 American military sites have been damaged in Iranian strikes, making up the majority of US positions in the Middle East, a new CNN investigation can reveal. The damage includes high-value targets, raising questions about America’s footprint…

The U.S. is now seen as a “sitting duck” in the region, as countries hosting these bases look for better partners. Note the dates and compare them to Hegseth’s statements about status.

The Ukrainian defense forces know exactly how to defend against these attacks. Yet when America desperately needed Ukrainian aid, it instead saw J.D. Vance push Ukraine away.

JD Vance brags about halting Ukraine aid — sources say he’s not just talking, he’s driving policy

The results of throwing themselves into a war they can’t win are perhaps beginning to land on Trump and Vance.

Newsflash! AES-128 holds up against quantum computers.

Filippo Valsorda took a walk through the math last week. Ok, but we already knew that NIST treats AES-128 as the Category 1 benchmark by definition, and BSI recommends AES-128. Outside CNSA 2.0, no compliance regime requires moving off AES-128, and CNSA 2.0’s AES-256 mandate is for uniform Top Secret protection, not Grover resistance.

Not exactly news after all, I guess. Alas, since I have been probing the Internet for a long while now, I can tell you what’s been really happening with AES key sizes out there related to post-quantum key exchange.

For example, hosts that only negotiate AES-128 adopted PQC come in at a respectable 48%. Compare that with hosts that only negotiate AES-256 and you see PQC drop off a cliff to 6%. The hosts that accept either one sit at 0%. Some of these may be cautious operators waiting for validated implementations, but the TLS 1.2-era cipher pinning pattern is visible in the configs.

I think it’s reasonable to say that we should expect the AES-256 population to be at least comparable, or even better than AES-128. Someone who specified a stronger symmetric cipher might also have taken the trouble to deploy hybrid key exchange. Well, I’m here to tell you the data says otherwise. Clearly the AES-256-only crowd are the worst-prepared for PQ.

It’s detailed on the pqprobe blog. The short version is that AES-128-GCM in a TLS 1.3 suite is mostly a marker of being behind a CDN, and the CDNs are also where ML-KEM has been deployed since 2024. The AES-256-only configs appear to be older server-side preference lists from the TLS 1.2 era that pinned AES-256 alongside classical key exchange and never got revisited.

That’s another way of saying AES-256-only hosts are legacy, and haven’t updated their TLS config in years. They picked AES-256 back when dinosaurs roamed the networks and locked everything else in alongside it: the key exchange, the curve, the signature algorithm. They got the symmetric cipher right and went extinct before Shor said he doesn’t care about the symmetric cipher.

If you have AES-256 pinned somewhere in your stack, that is fine on its own. The question is what else got pinned in the same file. The PQC adoption number I’m probing for that population is barely registering. The hosts falling behind while using AES-256 to be ahead, got there by leaving everything else alone.

Bell bottoms were also forward-looking once. Space age, mod, the future. Then they became the thing you point at to date a photograph.

All the data and methodology are up for your inspection.

Shots fired! Politicians and reporters scrambling! Headlines claim an assassination was averted. Whew! Let’s check in now to review this miraculous security work that stopped a killer.

Record scratch.

Have you seen this hotel security video?

A man walked up to a checkpoint at the Washington Hilton during the White House Correspondents’ Dinner on April 25th. The president, vice president, and most of the cabinet were one floor below. The man was Cole Tomas Allen, a paying guest at the hotel openly carrying a shotgun around the hotel.

The video shows this was no checkpoint after all. A magnetometer was lying flat on the floor being disassembled. Two agents were crowded around it packing up. Three officers were leaning on the wall near them, idling. Allen walked out of an elevator bank thirty-five feet away and in three seconds was easily past the guards.

The K9 unit alerted on Allen seconds before he came out of the room with the shotgun. The dog tried to enter the room twice. The handler pulled the dog back both times. The handler appears to speak with Allen briefly, then turn away from the door. Half a second after the second pullback, Allen emerged with the weapon. A trained detection animal was stopped from doing the work it was trained for. That happened in the corridor outside the checkpoint that was being torn down.

Allen then passed through the magnetometer still standing like it wasn’t even there. The screening line was put away, while the man it was supposed to protect was one floor below being served the first course of dinner. The only perimeter left to breach was none at all, officers standing on the sides of the hallway.

Allen swung the shotgun mostly pointed at the ground as he ran. CNN’s audio forensics expert counts six shots total. Four of those are visible muzzle flashes from the Secret Service officer’s pistol. The remaining two are perhaps Allen firing once and an officer’s round that didn’t register on camera. The court filing says Allen fired when he reached the stairs leading down to the ballroom. The stairs are past the checkpoint, away from V.G., away from the officer who shot at him. The prosecutors say the shotgun was found at the bottom of those stairs, after Allen tripped and fell. One spent shell in the chamber, unejected. Either he fired before and carried a club, or discharged late, possibly when he tripped and dropped his gun.

The video reveals the security response to the threat was delayed, reckless and unprofessional. An officer drew his weapon and fired four rounds in a hallway towards at least five other personnel. The officer does not flinch, stagger, or react like a man who has just taken a round to the vest. Not when Allen comes toward him, or when he passes him. Not before he draws. Not before he fires.

Let’s recap. An open carry environment with a restrained K9, a broken-down checkpoint, idling guards not paying attention, a man who passes through with a shotgun mostly down, and a guard who opens fire in the direction of his colleagues.

Now read the deranged spin coming from the White House.

The DOJ affidavit, filed Monday, alleges that when Allen ran through the magnetometer the agents heard a gunshot, Officer V.G. was shot in the chest, and V.G. then fired back. The White House calls this a heroic agent who returned fire after being hit.

Nope. The video contradicts this. The White House lied.

The discharge count requires Allen to have discharged. The latest court testimony is that Allen fell and dropped the gun, and it went off into a door. That does not sound like a discharge during a crime of violence. The assault count requires Allen to have shot V.G. The question is how a shotgun blast later in a stairwell could have earlier hit V.G. standing at the checkpoint.

0 for 2.

The most dangerous person in that hallway was the one who fired four rounds toward his own colleagues at a checkpoint that was already down and practically open.

But let’s go a level deeper. This is a story about what the current Secret Service does when its dubious perimeter fails. The agencies that exist to provide accountability apparently run for cover. The FBI signed an affidavit the video plainly contradicts. The acting AG announced charges that are false. The Secret Service director told Congress the perimeter is classified, nothing to see, as if an ostrich is the new national bird.

Federal magistrate Judge Moxila Upadhyaya called the prosecutors to the bench and admonished them privately for grandstanding. Her words:

I don’t know what’s going on here. I know that you want to present your case, I guess, to some audience other than the Court. I don’t want this to turn into a circus.

She blocked them from showing video and photos in court because Allen had agreed to detention and the display wasn’t needed. CNN obtained the transcript and the judge ordered it added to the public docket. The prosecution then released the video on social media anyway, with a letter to the court claiming they had “formally completed the record.” The judge has basically confirmed the prosecutors running the public narrative are operating outside the evidence.

Open carry in hotels, as if a John Wayne-fiction is not supposed to remain fictional, seems to be related to this incident. I see a mentally unwell man in cosplay more than credible threat. A paying guest carried a shotgun around the building. A dog caught it, but the humans did not. At least eight personnel in frame ignore him. One opens fire. That’s not one officer’s mistake. That smells rotten from the top. Someone authorized the screening line down, while the people needing protection were still inside. Someone held back the K9. The big failures were in place before Allen walked into the camera view looking like a suicide candidate.

The four rounds the officer fired toward his fellow officers are hard to watch. An officer shot in the chest by a shotgun, trying to return aimed fire, does not stand forward to put rounds across his own colleagues’ line. The shooting pattern on the video indicates that officer was not hit, didn’t intervene into the man’s path, and continued to fire as the man ran past him. Eight other officers nearby. The detection failure was bad, the prevention failure even worse. A checkpoint that wasn’t watching produced an officer who fired blindly into his own team. The DOJ affidavit converts both catastrophic failures into a heroism narrative.

If Allen never fired at the officer, then a “loud gunshot” in the affidavit is the officer’s first round. The officer fired first. The legal posture of the entire case inverts. I see no assassination attempt, where an agent heroically returned fire. I see an armed man approaching a checkpoint, met with reckless discharge by an officer who fired on his colleagues and then claimed credit for stopping the threat he himself created.