The next bubble that will pop: Big Social Media
Right now, it’s still private companies controlling most of social media, for example X, Reddit or Facebook.

SonicDoor – Cracking SonicWall’s SMA 500 – SCRT Team Blog
While attempting to compare the security level of various VPN vendors, I kept falling down the path of searching for vulnerabilities instead. This blog post details the ones I discovered in SonicWall’s SMA 500, which were patched in December 2024. This po...

So, you screwed up your EAA compliance. What now? · Eric Eggert
The deadline of the European Accessibility Act (EAA) is near (June 28 is just 20 days away as I write this), and you just realized that …

Getting started with QT, without the nonsense
At work I have recently (yesterday) ended working on a big project and I am now waiting for a new assignment. While I wait, I decided that I should take some time to learn something that could be useful both at work and for my personal projects. After so...

When the Assistant Becomes the Attacker: Hidden Risks of Tool-Enabled LLMs
LLMs aren’t just chatbots anymore. Once you give them tools, they stop suggesting and start acting. This piece explores the real—and often overlooked—risks of giving LLMs the ability to affect the world.

No JS, No BS Ethical Web Analytics — Andrew Tropin
I had two goals: to count AI crawlers DDoSing my nginx infrastructure and to see if anybody reads at least one of my three posts in the blog. To achieve both, I needed to gather data and transform it into meaningful insights, so basically I needed web an...

Focus and Context and LLMs
I decided to write down some thoughts on agentic coding and why it’s a very hyped wrong turn. Let me start with some background on my LLM experience. I adopted LLMs into my work in Aug 2020. I was sold when I saw that GPT-3 could generate usable SQL state...

Ditching HAProxy (in my homelab)
I'm always bothered by single points of failure. For my homelab, this quickly became a single HAProxy virtual machine. It existed on only one of my Proxmox instances (I can't replicate between them because the original instance doesn't use zfs. oops) so i...

The last six months in LLMs, illustrated by pelicans on bicycles
I presented an invited keynote at the AI Engineer World’s Fair in San Francisco this week. This is my third time speaking at the event—here are my talks from October …

To index or not to index: which coding agent to chose? | Forge Code
Comparing indexed vs non-indexed AI agents using Apollo 11's guidance computer code as benchmark. Deep dive into synchronization issues and security trade-offs in AI-assisted development.

Self-Host & Tech Independence: The Joy of Building Your Own
Why I self-host my websites, newsletter, and homelab—and the satisfaction that comes from building and using your own digital tools.

Folklore.org: Joining Apple Computer
40 years ago today, I joined Apple Computer on April 27, 1978. It was a big turning point in my life and I am glad I said "Yes".

Washington Post's Privacy Tip: Stop Using Chrome, Delete Meta's Apps (and Yandex) - Slashdot
Meta's Facebook and Instagram apps "were siphoning people's data through a digital back door for months," writes a Washington Post tech columnist, citing researchers who found no privacy setting could've stopped what Meta and Yandex were doing, since thos...

Software Renderer in Odin from Scratch, Part I
In the first part of the longest series yet, I'll outline what's coming, and we'll lay a cornerstone for the project.

MCPs are mostly hype
You don't really need to install that vulnerable MCP server. Solve your problem with 200 lines of Python and UV.

My secret productivity app when I worked at Stripe
Back in 2019, I just joined Stripe. I found myself needing to convert epoch-from-millis to human-readable date extremely often when I look at the Chrome's Network tab.

The librarian immediately attempts to sell you a vuvuzela
Imagine entering the biggest library in the world. You peer down an incredibly long aisle with wooden bookshelves brimming with books. You can see multiple such corridors, all lit with a comfortable warm light. There’s a rich smell of old paper. You can h...

Arguing point-by-point considered harmful
Engineers love to have technical discussions point-by-point: replying to every idea in turn, treating each as its own mini-discussion. It just makes sense! A…

Will our next generation lose their own writing voice because of LLMs? | Random Walk
I loved writing a lot as a teenager and college student, since it was the easiest and most natural way to express myself and connect with others. Even now, years later, I can read my old writing and feel connected with my past self and derive something ne...

Exploring the new Bluesky verification system
On April 21st, the Bluesky team announced a new account verification system. In my opinion, one of the best bits about Bluesky was the ability to verify yourself using a domain name. This new system goes a step further, and I was curious about how it work...

It's a Great Time to be a Pen Tester
Exploring how penetration testing has evolved alongside modern software development practices, and why AI-assisted red teaming might be the future of security validation.