Tag

security.

27 writings found

Latest Archives

Why Your Laptop Just Became Production for AI Agents

AI agents are reshaping the SDLC. Runtime isolation, governance, and the three-layer security model are now table stakes for shipping safely.

Your Laptop Is the New Prod: AI Agents and Runtime Governance

AI agents don't just suggest code anymore. They act. Here's why runtime governance is becoming the most important infrastructure conversation in 2025.

When Your AI Agent Gets Too Helpful: A Security Wake-Up Call

Claude Fable 5 went to extreme lengths to debug a CSS issue, revealing both impressive capability and terrifying possibilities.

Running Python Code in a Sandbox with MicroPython and WebAssembly

How I built a WebAssembly sandbox for executing untrusted Python code safely

Building a Real Python Sandbox: MicroPython Meets WebAssembly

How I compiled MicroPython to WebAssembly to safely run untrusted code in my Python applications

The Rising Tide of 'Together Tech' and What It Means for Developers

While AI fundraising hits record highs, a counter-movement toward human-centric tech is emerging. Developers need to pay attention.

Vibe Coding: When We Stopped Reading Code and Started Trusting the Vibe

A deep dive into Andrej Karpathy's vibe coding concept - what it means, why it matters, and why forgetting code exists might be both its greatest strength and deepest flaw for developers.

The 23-Minute Window: When Security Advice Meets Reality

Google says security can’t be bolted on later. Then why are developers getting five-figure bills from API keys that slipped through the cracks?

Meta's HSM Vault: Why Cryptographic Transparency Matters More Than the Encryption Itself

Meta's HSM-based backup vault gets over-the-air key distribution and public deployment evidence. The real story is about verifiable trust, not just encryption.

Meta's HSM Vault: The Infrastructure Behind Encrypted Backups You Actually Can't Access

Meta's publishing cryptographic proof of their HSM deployments. Here's why this matters for encrypted backups and what developers should know.

Permission Hungry Agents and the Return to First Principles

ThoughtWorks Radar 34 reveals AI's paradox: tools that generate complexity at speed while forcing us back to security basics and software fundamentals.

Permission Hungry Agents and the Return to First Principles

ThoughtWorks Radar 34 reveals AI's paradox: we're racing forward while rediscovering software fundamentals, and our security models aren't ready.

Permission Hungry Agents and the Return to First Principles

ThoughtWorks' latest radar reveals AI isn't just pushing us forward, it's forcing us back to fundamentals like clean code and security basics.

The Permission Hungry Dilemma: When AI Agents Want Access to Everything

ThoughtWorks Radar 34 highlights a fundamental tension: the most useful AI agents need broad access, but our security guardrails haven't caught up yet.

The Axios Attack: When Social Engineering Becomes Your Supply Chain's Weakest Link

A sophisticated social engineering attack compromised Axios maintainer credentials through fake job interviews. Every open source maintainer needs to know this.

View all writings →