Skip to content

Blog

Interesting Reads

Web

  • Keep a Work Journal
    • Writing down what you do during the day helps keep you on task, minimizes impact of disruptions, etc. Good idea, terribly difficult in practice
  • Founders Create Managers
    • Camille Fournier talking about 'Founder Mode' from Paul Graham / Brian Chesky, and how it leads to immature assholes and people running the company in 'Manager Mode'

Books

  • Army of None - Paul Scharre
    • Chapters about US and others 'not developing autonomous weapons', mostly focusing on '3rd Offset' by Robert Work. Interesting bit about UK terminology - 'autonomous' vs 'automated' and playing with specific words to avoid being called out for things.

Papers / Articles

  • AI Situational Awareness - GPT4 to AGI
    • Interesting perspective on AGI and AI growth, and how fast and how much of a jump current models are making, accelerating much faster than expected. 'Trust the growth curve' promises some crazy stuff, but also, smells fishy

  • AI Situational Awareness - AGI to Superintelligence

    • Continued reading a larger paper in big chunks. The argument here that we're approaching LLMs that can create generators that improve LLM training. I need to figure out how to disambiguate this vs. the studies I've seen showing that training AI data from AI developed data is a recipe for poor performance; but also, the PhD stories about 'methods' in papers being sent to LLMs that generate the PhD thesis in a few minutes instead of months...

  • AI Situational Awareness - Racing to the Trillion Dollar Cluster + other chapters

    • Finished this up, and uh, it really went to a different place than expected. The author bangs the drum for SCIFs and DoD AirGapped networks and stuff to protect the big clusters and AI secrets. He obviously has never worked in that space (and is like, 25?), but lol. just lol.

Rustlings

In a second attempt to learn Rust well enough to actually build something of use with it, I've discovered the Rustlings tool, which is an interactive teaching tool from the Rust foundation.

Basically, you install rustlings, and it generates a series of broken rust files as a variety of exercises and quizzes for you, and then provides a CLI tool to walk you through them and track completion, etc. as well as provide hints if you are lost on how to do part of the exercise.

It's pretty slick, lets you stay all in your IDE:

Rustlings

So far, it's pretty straight forward. Most slowness/awkwardness in Rust is with the slight syntactic differences from Go and Python (such as including a method return type after an arrow). For example, the following snippet returns a Vector of i32s:

fn vec_map_example(input: &[i32]) -> Vec<i32> {}

It is clear and obvious when reading it, but I'm just not used to writing it yet. The other bit that has given me pain while writing is forgetting the : symbol for type assignment (e.g. that input: &[i32] segment).

Oh, and adding ; at the end of the line....except when you don't! It's like the worst part of JavaScript :(

With that said, the compiler warnings are, as promised, insanely helpful! 'Did you mean to do X' is almost always exactly what was meant.

  • in DevOps
  • 1 min read

Changing to mkdocs

I've been a big fan of Mkdocs and especially the MKDocs Material Theme for years. We sponsor Martin for the Material Theme at work, and use it extensively to provide easy to use custom-looking documentation sites for our customers.

Figured it was about time to switch from Hugo to MKdocs for my personal site, maybe make it easier to add content now...

Dev is Prod

Everyone’s shifting left

It seems like everybody is shifting to CI/CD. Hopefully, they are involving security (‘shifting left’ on security), and security is engaging.

Discussions around security and CI/CD focus on security of the product under development, rather than details of the development tooling.
DevSecOps focuses on mitigating bugs and security problems early in the development lifecycle at best, and vulnerability scanning container artifacts as part of a deployment pipeline at worst (while still a net positive step). The data shows shifting security left in this fashion is a solidly positive impact for organizations 2.