Technical Writing
Tech Blog
Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.
Self-Hosting Umami on Netlify + Azure: What I’d Do Differently (and Why Your Database Probably Isn’t the Problem)
A deep dive into deploying Umami with Netlify and Azure PostgreSQL, covering Prisma quirks, CSP pitfalls, cold start behaviour, cost trade-offs, and what I’d do differently next time.
Synthetic Authority and Constrained Probabilism: What Overloaded Minds Teach Us About AI
From Milgram to cognitive overload to modern agent systems, none of this is new. We are rediscovering decades of psychology the hard way - at machine speed.
MCP, Latency, and Constrained Probabilism
MCP doesn’t fail because of network latency. It struggles because of semantic latency, context rot, retries, and probabilistic drift. This post explores why, when MCP fits, when it doesn’t, and why Recursive Language Models may change the equation.
Capability ≠ Obligation: When Agentic Systems Start Hiring Humans
Agentic AI systems that can directly commission humans for real‑world tasks represent a qualitative shift in risk. This is not about hype or Hollywood. It is about incentives, accountability, abuse, and physical safety.
From Clawdbot to GAINet: When Agent Experiments Outrun Accountability
From Clawdbot to GAINet: When Agent Experiments Outrun Accountability This post didn’t start as a philosophical musing about AI. It started with a very practical, very familiar security reaction: “Why on earth is this …
Allowing ARM for Dev Box: When Portals Impersonate Users (and How to Avoid It)
Microsoft recommends allowing the Azure Service Management API from BYOD to enable Dev Box access. That guidance quietly expands the blast radius far beyond Dev Box itself. This post walks through why that happens, what’s really going on at runtime, and an undocumented deep-link that avoids the problem entirely.