Anthroipcs announcement, a Brake Pedal, or a Press Release?
Anthropic wants the option to pause frontier AI development. A platform engineer reads the data behind the 'recursive self-improvement' warning β and the timing.
#platform-engineering
The Knowledge Bill Comes Due Part 2
A follow-up to The AI Headcount Panic. The numbers crossed 150,000, and the first codebases gutted of senior engineers are starting to break. The bill arrives on a lag.
The AI Headcount Panic, Bad Bets, and Lost Knowledge
Companies across the globeβand Israeli high-tech especiallyβare mass-laying off in the name of AI. But is AI really the reason, or just the best available excuse?
FedRAMP, From the Platform Side β Glossary: NIST SP 800-53 Control Families
A quick-reference glossary of NIST SP 800-53 control families referenced throughout the FedRAMP series β RA, CM, SA, AC, AU, SI β and what each one means for platform engineers.
FedRAMP, From the Platform Side β Part 4: Drawing the Boundary Part 4
Drawing the FedRAMP authorization boundary is the most consequential platform decision in the program β what's in, what's leveraged, what's external, and how 20x turns the boundary from a Visio diagram into a data structure.
The Infrastructure Wall: Why Your Agent Demo Died in Production
Everyone prototypes an AI agent in a weekend. Almost nobody ships it cleanly. Here's the wall you're about to hit β and how the platform is evolving to remove it.
FedRAMP, From the Platform Side β Part 3: Where FIPS Lives Inside FedRAMP Part 3
FIPS-validated crypto is a hard requirement inside a FedRAMP boundary β not a best practice. A practitioner's walkthrough of where FIPS lands across 800-53 control families, and how the Building for Compliance supply-chain work maps onto it.
FedRAMP, From the Platform Side β Part 2: The Basics Part 2
A platform engineer's plain-English walkthrough of what FedRAMP actually is β impact levels, the document set (SSP, SAR, POA&M), the ATO process, and how Rev5 and 20x change the picture in 2026.
FedRAMP, From the Platform Side β Part 1: Why You Probably Need a Partner Part 1
A platform engineer's take on starting the FedRAMP journey from outside the US β why a third-party partner matters, and what the '90 days' promise really means in 2026.
From API to Owned: MiniMax M2.7, Gemma 4, and the Case for Running Models on Your Laptop
Two major open-source model releases in one week signal a tipping point. Here's why I'm running capable agent models on my own hardware β and how you can too.
Andrej Karpathy Just Made RAG Obsolete β And All You Need Is Three Folders
Andrej Karpathy dropped a paradigm-shifting gist on building personal knowledge bases with LLMs β no vector DB, no embeddings, just raw/wiki/output folders. Here's what it means for the rest of us.
The View from Outside the Glass: Why Growing Organizations Need the Outsider's Mirror
How a consultant's external perspective helps scaling organizations shift from reactive execution to intentional alignment β and why staying silent is the real failure.
The $1,892 Agent: MiniMax M2.5 and the Dawn of Always-On Intelligence
MiniMax M2.5 achieves near-Opus 4.6 performance at 3% the cost. What this means for always-on agents, the SWE-bench, and the falling cost of intelligence.
DNS Series Glossary β The Terms That Keep Showing Up
A practical glossary for the DNS Evolution in Practice series: core DNS records, service discovery terms, traffic management concepts, and DNS security vocabulary.
DNS β The Internet's Quiet Backbone: A Series Introduction Series Recap
Why I'm writing a four-part DNS series in 2026. Notes from 25 years of teaching the topic that most engineers β and most curricula β quietly underestimate.
DNS, Part 4 β When DNS Lies: Cache Poisoning, Spoofing, and How to Defend Yourself Part 4
How DNS attacks actually work β Kaminsky, Sea Turtle, MyEtherWallet, DigiNotar β and the layered defenses that hold up: DNSSEC, DoH, CAA, registrar lock.
DNS, Part 1 β From /etc/hosts to BIND-9: The Origin Story Every SRE Should Know Part 1
A practitioner's tour of DNS β from the hosts file era and BIND at Berkeley to CoreDNS in Kubernetes β and the record types every engineer should actually understand.
Cilium, Part 1 β Hands-On With eBPF Network Policies on k3d Part 1
A practitioner's k3d lab for Cilium: install it next to your laptop, walk a CiliumNetworkPolicy progression from default-deny to L7 HTTP filtering, and read the drops in Hubble.
SOC 2 for ISVs, Part 4: Continuous Compliance β Making SOC 2 a Byproduct, Not a Project Part 4
How to turn SOC 2 from a yearly fire drill into a byproduct of how you build β AWS SCPs, GCP Org Policies, OPA, drift detection, and automated evidence collection.
SOC 2 for ISVs, Part 3: From Zero to Audit-Ready β The Technical Foundation Part 3
How to map SOC 2 controls to your AWS, GCP, and Kubernetes stack β IAM, logging, encryption, change management, and what auditors actually want to see.