Blog

Occasional thoughts on AI security, software development, and open source projects.

Recent Posts

Your AI Agent Will Cheat. Mine Can't.

April 13, 2026

The benchmark crisis isn't about dishonest AI companies. It's about models doing exactly what we told them to do. From Claude finding the BrowseComp answer key to models rewriting unit tests to pass, the pattern is clear: deny-list governance can't keep up. Allow-list architectures make shortcuts structurally impossible.

Clean Rooms, Dirty Pipes: PHALUS and the Supply Chain Paradox

April 3, 2026

In 1984, Phoenix Technologies hired a programmer who had never seen an Intel 8088 manual to write a functionally equivalent IBM PC BIOS from scratch. Forty-two years later, PHALUS does the same thing in about ninety seconds, with no humans in the room at all. A look at what automated clean-room reimplementation means for the future of open source.

What Agentic AI Can Learn from DOS Viruses

February 26, 2026

The structural parallels between DOS-era malware and modern agentic AI systems are deep enough to be instructive. Interrupt vector tables were the first tool registries, TSR programs were the first persistent agents, and stealth viruses pioneered the exact interposition attacks we now face with prompt injection.

Your Dark Factory Needs a Security Perimeter

February 20, 2026

Software is about to be built the way cars are: in factories that run with the lights off. The dark factory pattern is arriving fast — but the governance infrastructure isn't keeping up. A look at what enterprise-grade autonomous software development actually requires.

Introducing AAEQ: Adaptive Audio Equalizer

October 20, 2025

A deep dive into AAEQ, a cross-platform Rust application for intelligent EQ management and real-time DSP processing. Learn about the technical challenges of building a desktop audio application with network streaming capabilities.