Technical insights on software engineering, AI, cloud computing, and more.
Why I stopped hardcoding API keys in .env files and built CipherStack instead. The four-state machine behind LRU vending, the PostgreSQL lock that saved it under concurrency, and what an evening's worth of race conditions taught me about treating provider keys as a fleet.
Why I stopped shipping a Python client to 9,000 Linux servers for a security-critical credential fetch, what static linking actually buys you at fleet scale, and the surprising moment a stripped Go binary weighed less than the Python container image it replaced.
I gave my phone number to an AI. The naive path was Gemini Live for ~200ms speech-to-speech. That didn't survive contact with reality. Here's the three-stage pipeline I fell back to, the per-stage latency budget it forced, and the UX trick that makes 700ms feel like 300.
How a TF-IDF/NLP indexer for 1,000+ multimedia files went from 30 seconds to 1.5 on a single GPU. Batch shape mattered more than batch size, torch.compile earned its keep for a reason I didn't expect, and I burned three engineer-days chasing the last 10% before I quit.
My phone number is on the internet, and an LLM answers it. Six months in, here are the guard-rails that actually mattered — and the one 'never do this' rule I had to soften because it contradicted the site that advertised the bot.
Same input, same pixels, every render. The non-negotiable behind HyperFrames — and the places non-determinism kept sneaking back in. Font loaders, rAF cadence, GC pauses, and the one adapter that almost broke the contract.
The naive PII strategy is to scrub the corpus at index time. It's also the strategy that quietly destroys recall on every query that legitimately mentions a public entity. Here's why I moved the redaction pass downstream of retrieval — and how a DeBERTa PII model, an HNSW index, and a cross-encoder reranker fit inside a sub-2s p95 budget without stepping on each other.
The paper that landed at ICCIES 2025 argued for swarm heuristics over MARL for cooperative intersection control. This is the honest version — what we shipped, the RL baseline that never converged, the traffic-sim adapter that didn't make review, and what I'd take further at CMU.
The multilingual model was the obvious pick and it lost by six F1 points. Why tokenizer coverage beat parameter breadth on Bundesdatenschutzgesetz entities, what disentangled attention did to German compound nouns, and the cost of specializing a model inside a regulated pipeline.
The recall-vs-memory decision behind a GDPR-compliant RAG platform. Why I stopped reaching for IVF-PQ, what the graph index cost me in RAM, and the one thing about HNSW's insert path I didn't see coming until we crossed a million vectors.
I Couldn’t Get Claude Code to Start on Windows. It Took Me Way Too Long to Figure Out Why.So there I was, trying to start Claude Code on my Windows machine.I typed:claudeHit Enter… and nothing.The trust prompt just sat...
If you’ve tried following PortSwigger’s official documentation for installing Burp Suite’s CA certificate in Chrome, you probably noticed the screenshots and instructions don’t match what you see on your screen. That’s...
How I went from missing transcript frustration to finding my actual ChatGPT voice recordings through reverse engineering, DevTools, Burp Suite, and… a simple ZIP file.
Subscribe nowYou do something you were confident about, but suddenly your momentum falters. Now, it’s up to you to identify the issue and restore yourself to your previous stable state.I Reverse-Engineered ChatGPT’s Voi...
This is ampersnow. a space for ideas, thoughts, and questions. Here, every post is a spark, every thought gets a second glance, because curiosity drives us. Follow me for the journeyI am going to nerd out here, no more...