An optocoupler is a part I’d seen in schematics for a while and quietly skipped over. There’s an LED pointed at a photo-sensitive transistor with a dashed line between them. The dashed line is the entire point: the two halves of the part are not electrically connected. The signal crosses as light, over a few hundred microns of darkness – and I wanted to see it work! So I built one on a breadboard before reaching for an actual 4N35 chip. ...

Page-turn clickers are a real category: Kobo even sells an official remote so you can turn pages without poking the screen all the time. The official remote was out of stock when I thought of getting one, and the price was a bit on the higher end. So I thought of an interesting alternative: emulate the same thing with an ESP32 module, but with no hacks on the reader itself. ...

Many “LLM app” demos stop the moment the model produces a decent-looking answer. However, when the app becomes more real, you get extra questions: What context did the model actually see? Did retrieval find anything useful. Or nothing at all? What did this request cost? How do you compare it to another request? Did a “small prompt tweak” quietly break refund handling? In an attempt to make those questions easier to answer, I built a tiny FastAPI “customer support reply drafter” app and integrated it with Langfuse. The goal was to have a workflow where every request leaves a trail you can inspect, and where changes are measurable. ...

LLMs, like the ones behind ChatGPT or Gemini, have two big weaknesses: Their knowledge is frozen at training time (“knowledge cutoff”) They can “hallucinate” or confidently make things up Retrieval-Augmented Generation (RAG) is a pattern that fixes both problems by giving an LLM access to the right data at answer time. Instead of asking the model to “remember everything”, RAG lets it look things up first, then answer. Core idea RAG = search for relevant documents → feed them into the LLM → have the LLM respond using (also) those documents. ...

TL;DR A unikernel is your app compiled together with only the OS pieces it really needs, producing a tiny binary that boots inside a microVM (e.g., Firecracker/KVM). Result: fast starts, small footprint, and stronger isolation than containers, at the cost of trickier tooling and ops around it. When I saw Prisma put “serverless” and “no cold starts” in the same breath for Prisma Postgres, my Lambda scars tingled 😄 ...

Startups thrive on speed and hustle. But when everything feels urgent, how can you tell what actually matters? In many founder-led companies, management ends up being more reactive than intentional. There’s little in the way of a product roadmap, structured hiring plan, or resource allocation. The focus shifts to whatever’s on fire today. Hands-on leadership keeps momentum high − but often at the cost of clarity. Teams start juggling ad-hoc requests, switching tasks mid-sprint as priorities shift faster than plans can keep up. ...

Today we’re reviewing a vulnerability in Openfire. It is a self-hosted alternative to Slack/Teams: you run it on your own infrastructure, control the data, and extend it with plugins. As a cybersecurity analyst, you are tasked with investigating a data breach targeting your organization’s Openfire messaging server. Attackers have exploited a vulnerability in the server, compromising sensitive communications and potentially exposing critical data. Your task is to analyze the provided network capture files using Wireshark. Identify evidence of the exploitation, trace the attacker’s actions, and uncover indicators of compromise. ...

Today, we dive into a host-based forensics investigation − a curious case of a breach inside the enterprise environment of a company called TechSynergy: A leading tech firm, TechSynergy, has detected an anomaly after an employee engaged with an unexpected email attachment. This triggered a series of covert operations within the network, including unusual account activity and system alterations. Security alerts indicate potential access to sensitive infrastructure, with suspicious outbound traffic raising red flags. The incident response team fears a sophisticated attack may be underway, threatening critical data. ...

LLMs are powerful. And expensive. Every token counts, and if you’re building something that uses an LLM API (Claude, OpenAI, Gemini or PaLM, Mistral, etc.), malicious users can abuse it to burn through your credits. This is especially true for apps that take user input and feed it to the model. The trick is that an attacker doesn’t have to hack your servers. Not even SQL-inject it. They just have to convince the LLM to do something it shouldn’t by crafting a proper prompt. So, actually, it does look a bit like an SQL injection, but for AI prompts. ...