Chandrapal Badshah
@badshah.io
Cursor suggestions are interesting at times.
February 15, 2025 at 4:59 AM
Cursor suggestions are interesting at times.
The count problem is still not solved.
There are 27 "r"s in the made up word (strawberrrrrrrrrrrrrrrrrrrrrrrrrry). Not 28.
There are 27 "r"s in the made up word (strawberrrrrrrrrrrrrrrrrrrrrrrrrry). Not 28.
February 10, 2025 at 4:48 PM
The count problem is still not solved.
There are 27 "r"s in the made up word (strawberrrrrrrrrrrrrrrrrrrrrrrrrry). Not 28.
There are 27 "r"s in the made up word (strawberrrrrrrrrrrrrrrrrrrrrrrrrry). Not 28.
When you ask an LLM to reason, its not going to tell what it's about to do and why.
Rather it just predicts tokens that translate to some reason in English and continue to predict next steps (doesn't guarantee that it follows its own statement that it gave as "reason"). 🙃
Rather it just predicts tokens that translate to some reason in English and continue to predict next steps (doesn't guarantee that it follows its own statement that it gave as "reason"). 🙃
February 10, 2025 at 10:08 AM
When you ask an LLM to reason, its not going to tell what it's about to do and why.
Rather it just predicts tokens that translate to some reason in English and continue to predict next steps (doesn't guarantee that it follows its own statement that it gave as "reason"). 🙃
Rather it just predicts tokens that translate to some reason in English and continue to predict next steps (doesn't guarantee that it follows its own statement that it gave as "reason"). 🙃
I liked how Tony Stark in Iron Man talks to his assistant Jarvis.
I tried living a day like that by chatting with LLMs to do certain tasks.
Found out that I'm not articulate enough and there are times when I thoughts change faster/go blank. 😓
I tried living a day like that by chatting with LLMs to do certain tasks.
Found out that I'm not articulate enough and there are times when I thoughts change faster/go blank. 😓
February 5, 2025 at 1:27 PM
I liked how Tony Stark in Iron Man talks to his assistant Jarvis.
I tried living a day like that by chatting with LLMs to do certain tasks.
Found out that I'm not articulate enough and there are times when I thoughts change faster/go blank. 😓
I tried living a day like that by chatting with LLMs to do certain tasks.
Found out that I'm not articulate enough and there are times when I thoughts change faster/go blank. 😓
Postman free version is useless without signing into an account.
Simple features like creating a collection needs signup. 🤦♂️
Found a pretty good alternative. And its open source.
github.com/hoppscotch/h...
Simple features like creating a collection needs signup. 🤦♂️
Found a pretty good alternative. And its open source.
github.com/hoppscotch/h...
GitHub - hoppscotch/hoppscotch: Open source API development ecosystem - https://hoppscotch.io (open-source alternative to Postman, Insomnia)
Open source API development ecosystem - https://hoppscotch.io (open-source alternative to Postman, Insomnia) - hoppscotch/hoppscotch
github.com
January 29, 2025 at 2:53 AM
Postman free version is useless without signing into an account.
Simple features like creating a collection needs signup. 🤦♂️
Found a pretty good alternative. And its open source.
github.com/hoppscotch/h...
Simple features like creating a collection needs signup. 🤦♂️
Found a pretty good alternative. And its open source.
github.com/hoppscotch/h...
Nothing is a better motivation than this visual writing stats!!
My memory says I wrote last content a week/10 days ago. But in reality it's more than that. This graph helps me with my memory and produce more content.
My memory says I wrote last content a week/10 days ago. But in reality it's more than that. This graph helps me with my memory and produce more content.
January 27, 2025 at 9:31 AM
Nothing is a better motivation than this visual writing stats!!
My memory says I wrote last content a week/10 days ago. But in reality it's more than that. This graph helps me with my memory and produce more content.
My memory says I wrote last content a week/10 days ago. But in reality it's more than that. This graph helps me with my memory and produce more content.
Reposted by Chandrapal Badshah
The entire tech industry right now
January 25, 2025 at 4:30 PM
The entire tech industry right now
I'm not going to ask smaller distilled Deepseek models about regions 🤦♂️
Pretty crazy answers.
deepseek-r1:7b - Tell me about Arunachal Pradesh
Pretty crazy answers.
deepseek-r1:7b - Tell me about Arunachal Pradesh
January 26, 2025 at 11:04 AM
I'm not going to ask smaller distilled Deepseek models about regions 🤦♂️
Pretty crazy answers.
deepseek-r1:7b - Tell me about Arunachal Pradesh
Pretty crazy answers.
deepseek-r1:7b - Tell me about Arunachal Pradesh
Serious question.
If consulting firms provide fully-compliant report despite knowing customer company is insecure and non compliant, what happens to those consulting firms if customer is breached?
If consulting firms provide fully-compliant report despite knowing customer company is insecure and non compliant, what happens to those consulting firms if customer is breached?
"I’ll ask about compliance and security, prompting you to send over a pile of meaningless certifications. These documents DON'T actually prove you did the things outlined in them; they just demonstrate that you could plausibly fake having done them." 🤣🤣🤣
matduggan.com/stop-trying-...
matduggan.com/stop-trying-...
Stop Trying To Schedule A Call With Me
Stop Trying To Schedule A Call With Me - The harassment by SaaS
matduggan.com
January 20, 2025 at 11:05 AM
Serious question.
If consulting firms provide fully-compliant report despite knowing customer company is insecure and non compliant, what happens to those consulting firms if customer is breached?
If consulting firms provide fully-compliant report despite knowing customer company is insecure and non compliant, what happens to those consulting firms if customer is breached?
"I’ll ask about compliance and security, prompting you to send over a pile of meaningless certifications. These documents DON'T actually prove you did the things outlined in them; they just demonstrate that you could plausibly fake having done them." 🤣🤣🤣
matduggan.com/stop-trying-...
matduggan.com/stop-trying-...
Stop Trying To Schedule A Call With Me
Stop Trying To Schedule A Call With Me - The harassment by SaaS
matduggan.com
January 20, 2025 at 10:56 AM
"I’ll ask about compliance and security, prompting you to send over a pile of meaningless certifications. These documents DON'T actually prove you did the things outlined in them; they just demonstrate that you could plausibly fake having done them." 🤣🤣🤣
matduggan.com/stop-trying-...
matduggan.com/stop-trying-...
While I want to optimize my book reading and notes recollection using digital means (read on Kindle and save notes on Obsidian) there's one this so interesting about books.
It reminds you of your older self most times you re-read a book.
It reminds you of your older self most times you re-read a book.
January 12, 2025 at 5:44 AM
While I want to optimize my book reading and notes recollection using digital means (read on Kindle and save notes on Obsidian) there's one this so interesting about books.
It reminds you of your older self most times you re-read a book.
It reminds you of your older self most times you re-read a book.
LLM generated BS on "Ways to minimize pricing of GuardDuty".
What made me furious is "Use Reserved Instances: If you plan to use GuardDuty for an extended period, you can consider purchasing Reserved Instances to save costs." 😠
What made me furious is "Use Reserved Instances: If you plan to use GuardDuty for an extended period, you can consider purchasing Reserved Instances to save costs." 😠
January 9, 2025 at 10:15 AM
LLM generated BS on "Ways to minimize pricing of GuardDuty".
What made me furious is "Use Reserved Instances: If you plan to use GuardDuty for an extended period, you can consider purchasing Reserved Instances to save costs." 😠
What made me furious is "Use Reserved Instances: If you plan to use GuardDuty for an extended period, you can consider purchasing Reserved Instances to save costs." 😠
TIL there's a new term - Agentic Code Execution (ACE)
Good read on KachraCraft :) and associated LLM hacks
www.securityrunners.io/post/hacking...
Good read on KachraCraft :) and associated LLM hacks
www.securityrunners.io/post/hacking...
Hacking AI Applications: From 3D Printing to Remote Code Execution
The blog post examines methods for hacking AI-native applications by detailing vulnerabilities discovered while building KachraCraft, a 3D design generation tool, including techniques for revealing sy...
www.securityrunners.io
January 8, 2025 at 9:22 AM
TIL there's a new term - Agentic Code Execution (ACE)
Good read on KachraCraft :) and associated LLM hacks
www.securityrunners.io/post/hacking...
Good read on KachraCraft :) and associated LLM hacks
www.securityrunners.io/post/hacking...
How do I come up with research ideas/blog posts?
This is a question I get few times (a bit more than once in a blue moon).
As it's not a streamlined way and I can't describe it in a blog, I'll just mention it here. 👇
This is a question I get few times (a bit more than once in a blue moon).
As it's not a streamlined way and I can't describe it in a blog, I'll just mention it here. 👇
January 4, 2025 at 5:31 AM
How do I come up with research ideas/blog posts?
This is a question I get few times (a bit more than once in a blue moon).
As it's not a streamlined way and I can't describe it in a blog, I'll just mention it here. 👇
This is a question I get few times (a bit more than once in a blue moon).
As it's not a streamlined way and I can't describe it in a blog, I'll just mention it here. 👇
Reposted by Chandrapal Badshah
Another thing to note if you have scale is that Shield Advanced ($3000/month) covers all WebACL costs up to 1500 WCU across your entire AWS Organization. For larger enterprises this can be a significant cost saving, but do pay attention to the different DTO charges when doing the maths!
January 3, 2025 at 11:47 AM
Another thing to note if you have scale is that Shield Advanced ($3000/month) covers all WebACL costs up to 1500 WCU across your entire AWS Organization. For larger enterprises this can be a significant cost saving, but do pay attention to the different DTO charges when doing the maths!
Reposted by Chandrapal Badshah
Lately, every BSides seems to have a talk on reframing security teams as a “Department of Yes”
We don’t hear nearly as much about the value of a well-considered, strategically deployed “No”
I've pulled together guidance on giving a better, more constructive No:
ramimac.me/saying-no
We don’t hear nearly as much about the value of a well-considered, strategically deployed “No”
I've pulled together guidance on giving a better, more constructive No:
ramimac.me/saying-no
How to Say “No” Well
Security’s pivot from ‘Department of No’ to ‘Department of Yes’ misses the real lesson - how to say ‘No’ the right way.
ramimac.me
December 30, 2024 at 3:08 PM
Lately, every BSides seems to have a talk on reframing security teams as a “Department of Yes”
We don’t hear nearly as much about the value of a well-considered, strategically deployed “No”
I've pulled together guidance on giving a better, more constructive No:
ramimac.me/saying-no
We don’t hear nearly as much about the value of a well-considered, strategically deployed “No”
I've pulled together guidance on giving a better, more constructive No:
ramimac.me/saying-no
Reposted by Chandrapal Badshah
Cariad, a subsidiary of Volkswagen Group recently had a data compromise in AWS.
Unlike my initial instinct, this was not related to a Public or Unprotected bucket..
Looking further into the breach, published by the Chaos Computer Club (ccc.de) responsible for the disclosure it was discovered by..
Unlike my initial instinct, this was not related to a Public or Unprotected bucket..
Looking further into the breach, published by the Chaos Computer Club (ccc.de) responsible for the disclosure it was discovered by..
December 30, 2024 at 10:25 AM
Cariad, a subsidiary of Volkswagen Group recently had a data compromise in AWS.
Unlike my initial instinct, this was not related to a Public or Unprotected bucket..
Looking further into the breach, published by the Chaos Computer Club (ccc.de) responsible for the disclosure it was discovered by..
Unlike my initial instinct, this was not related to a Public or Unprotected bucket..
Looking further into the breach, published by the Chaos Computer Club (ccc.de) responsible for the disclosure it was discovered by..
Reposted by Chandrapal Badshah
Now we are talking 😆
December 29, 2024 at 2:00 PM
Now we are talking 😆
December 29, 2024 at 6:50 AM
This is an interesting problem in LLM space: How to verify facts from made up stories without human intervention?
One can always generate a bunch of fake websites (or buy existing ones) and publish fake data (probably with help of LLMs).
RAGs/LLMs are respond with the data when users ask.
One can always generate a bunch of fake websites (or buy existing ones) and publish fake data (probably with help of LLMs).
RAGs/LLMs are respond with the data when users ask.
I was excited to tell my kids that there's a sequel to Encanto, only to scroll down and learn that Google's AI just completely made this up
December 28, 2024 at 6:30 PM
This is an interesting problem in LLM space: How to verify facts from made up stories without human intervention?
One can always generate a bunch of fake websites (or buy existing ones) and publish fake data (probably with help of LLMs).
RAGs/LLMs are respond with the data when users ask.
One can always generate a bunch of fake websites (or buy existing ones) and publish fake data (probably with help of LLMs).
RAGs/LLMs are respond with the data when users ask.
Reposted by Chandrapal Badshah
So a quick rule-of-thumb from a throughput POV is:
* Stable high-traffic workloads => containers
* Bursty, occasional workloads => lambda
And don't forget about caching. It's literally a cheat code for building scalable and high-performance systems!
* Stable high-traffic workloads => containers
* Bursty, occasional workloads => lambda
And don't forget about caching. It's literally a cheat code for building scalable and high-performance systems!
December 28, 2024 at 8:59 AM
So a quick rule-of-thumb from a throughput POV is:
* Stable high-traffic workloads => containers
* Bursty, occasional workloads => lambda
And don't forget about caching. It's literally a cheat code for building scalable and high-performance systems!
* Stable high-traffic workloads => containers
* Bursty, occasional workloads => lambda
And don't forget about caching. It's literally a cheat code for building scalable and high-performance systems!
Reposted by Chandrapal Badshah
An eng manager at Netflix once told me that "It'd cost 7x to run Netflix if Netflix ran on Lambda". But what he said next was even more insightful.
"But, not everything at Netflix runs at Netflix scale."
And that's true for most enterprises!
"But, not everything at Netflix runs at Netflix scale."
And that's true for most enterprises!
December 28, 2024 at 8:59 AM
An eng manager at Netflix once told me that "It'd cost 7x to run Netflix if Netflix ran on Lambda". But what he said next was even more insightful.
"But, not everything at Netflix runs at Netflix scale."
And that's true for most enterprises!
"But, not everything at Netflix runs at Netflix scale."
And that's true for most enterprises!