Technical Writing
Tech Blog
Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.
The Model Isn't the Risk. The Harness Is (Part 1): The Leak, the Context, and the Framework
Part 1 of 3. The Anthropic Claude Code source map leak — why the real story isn't the secrets that weren't there, it's the architecture that was. Introducing the three-phase methodology and what Phase 1 Recon revealed.
OID-See v1.1.0: External Identity Posture, iOS Support, and New Auth Methods
OID-See v1.1.0 adds JWT parsing and external identity posture, a universal graph view with iOS support, eight cross-tenant filter presets, new scanner authentication methods, and a fully Web Worker-backed architecture.
Self-Hosting Umami on Netlify + Azure: What I’d Do Differently (and Why Your Database Probably Isn’t the Problem)
A deep dive into deploying Umami with Netlify and Azure PostgreSQL, covering Prisma quirks, CSP pitfalls, cold start behaviour, cost trade-offs, and what I’d do differently next time.
Synthetic Authority and Constrained Probabilism: What Overloaded Minds Teach Us About AI
From Milgram to cognitive overload to modern agent systems, none of this is new. We are rediscovering decades of psychology the hard way - at machine speed.
MCP, Latency, and Constrained Probabilism
MCP doesn’t fail because of network latency. It struggles because of semantic latency, context rot, retries, and probabilistic drift. This post explores why, when MCP fits, when it doesn’t, and why Recursive Language Models may change the equation.
Capability ≠ Obligation: When Agentic Systems Start Hiring Humans
Agentic AI systems that can directly commission humans for real‑world tasks represent a qualitative shift in risk. This is not about hype or Hollywood. It is about incentives, accountability, abuse, and physical safety.