Lawrence Jones
@lawrencejones.dev
Engineer at https://incident.io/. Previously @GoCardless | Writes at http://blog.lawrencejones.dev | @lawrjones on Twitter
I agree with you both. The false dichotomy is that you either understand what you produce or you use AI, and those are not the only options.
November 16, 2025 at 3:06 PM
I agree with you both. The false dichotomy is that you either understand what you produce or you use AI, and those are not the only options.
I care a lot about maintainability, it’s a big focus for me & team.
It’s been great that AI tools bring down the cost of refactoring so that we can do a lot more of them. That’s helped quality a lot.
There are trade offs here, but if you’re careful it’s not as one sided as I think you feel.
It’s been great that AI tools bring down the cost of refactoring so that we can do a lot more of them. That’s helped quality a lot.
There are trade offs here, but if you’re careful it’s not as one sided as I think you feel.
November 16, 2025 at 2:40 PM
I care a lot about maintainability, it’s a big focus for me & team.
It’s been great that AI tools bring down the cost of refactoring so that we can do a lot more of them. That’s helped quality a lot.
There are trade offs here, but if you’re careful it’s not as one sided as I think you feel.
It’s been great that AI tools bring down the cost of refactoring so that we can do a lot more of them. That’s helped quality a lot.
There are trade offs here, but if you’re careful it’s not as one sided as I think you feel.
Speaking as a person who does really enjoy the coding side of things: I use them because my job is primarily about delivering value rather than maximising my enjoyment, and these tools can help me build things faster.
That said I get a lot of enjoyment from shipping things, so it’s not all bad.
That said I get a lot of enjoyment from shipping things, so it’s not all bad.
November 16, 2025 at 1:59 PM
Speaking as a person who does really enjoy the coding side of things: I use them because my job is primarily about delivering value rather than maximising my enjoyment, and these tools can help me build things faster.
That said I get a lot of enjoyment from shipping things, so it’s not all bad.
That said I get a lot of enjoyment from shipping things, so it’s not all bad.
If I get time I’m going to try this with an open source model and see if I can get it working. In my head I still think what I’m saying is right but that’ll solidify the concepts for me!
The timing attack is definitely a thing but so expensive with LLM calls that I wonder if feasible.
The timing attack is definitely a thing but so expensive with LLM calls that I wonder if feasible.
November 11, 2025 at 7:43 AM
If I get time I’m going to try this with an open source model and see if I can get it working. In my head I still think what I’m saying is right but that’ll solidify the concepts for me!
The timing attack is definitely a thing but so expensive with LLM calls that I wonder if feasible.
The timing attack is definitely a thing but so expensive with LLM calls that I wonder if feasible.
In which case I’d default to you being correct and will go do some reading myself!
November 11, 2025 at 7:35 AM
In which case I’d default to you being correct and will go do some reading myself!
Like the model doesn't need the original source text, just the cached KV pairs and your new queries to compute attention and generate tokens that can reveal the cached content.
November 11, 2025 at 7:34 AM
Like the model doesn't need the original source text, just the cached KV pairs and your new queries to compute attention and generate tokens that can reveal the cached content.
You probably know this better than I do, but I thought caching would store the KV pairs from attention, and if you can give those to a model with new input tokens, you could get what was previously cached by having the model attend over the cached representations with queries from your new prompt?
November 11, 2025 at 7:33 AM
You probably know this better than I do, but I thought caching would store the KV pairs from attention, and if you can give those to a model with new input tokens, you could get what was previously cached by having the model attend over the cached representations with queries from your new prompt?
Can I check: I would very much consider the prompt input tokens to be sensitive data.
Is that how you’re seeing them?
Is that how you’re seeing them?
November 11, 2025 at 7:25 AM
Can I check: I would very much consider the prompt input tokens to be sensitive data.
Is that how you’re seeing them?
Is that how you’re seeing them?
This is in a world where cache keys weren’t user segregated and you captured cache keys from someone else’s account. I would expect that would allow you to exfiltrate their prompts and any data in them that was present in the cache, but may be misunderstanding.
November 11, 2025 at 7:21 AM
This is in a world where cache keys weren’t user segregated and you captured cache keys from someone else’s account. I would expect that would allow you to exfiltrate their prompts and any data in them that was present in the cache, but may be misunderstanding.
The attack I’m thinking of is if you had the ability to invoke a model with another persons cache key.
Afaik the cached result is embedding values/kvs/etc, if you can start the model with that cache value and say “summarise what I just said” you should be able to read out what was ‘in the cache’?
Afaik the cached result is embedding values/kvs/etc, if you can start the model with that cache value and say “summarise what I just said” you should be able to read out what was ‘in the cache’?
November 11, 2025 at 7:20 AM
The attack I’m thinking of is if you had the ability to invoke a model with another persons cache key.
Afaik the cached result is embedding values/kvs/etc, if you can start the model with that cache value and say “summarise what I just said” you should be able to read out what was ‘in the cache’?
Afaik the cached result is embedding values/kvs/etc, if you can start the model with that cache value and say “summarise what I just said” you should be able to read out what was ‘in the cache’?
Right gotcha. I can ping someone and ask?
On the attacks; while the cache is stored as the matrix result of encoding the input, presumably if you could reuse someone’s cache you can just ask the model to tell you what you just gave it. You don’t have the weights but the model is usable by you?
On the attacks; while the cache is stored as the matrix result of encoding the input, presumably if you could reuse someone’s cache you can just ask the model to tell you what you just gave it. You don’t have the weights but the model is usable by you?
November 11, 2025 at 7:13 AM
Right gotcha. I can ping someone and ask?
On the attacks; while the cache is stored as the matrix result of encoding the input, presumably if you could reuse someone’s cache you can just ask the model to tell you what you just gave it. You don’t have the weights but the model is usable by you?
On the attacks; while the cache is stored as the matrix result of encoding the input, presumably if you could reuse someone’s cache you can just ask the model to tell you what you just gave it. You don’t have the weights but the model is usable by you?
I would imagine just about data hygiene. We have agreements with providers like Anthropic to handle our data differently than other orgs, so it would be a natural thing to separate this stuff even if there isn’t a way to reverse the encoding to get back at the input.
November 11, 2025 at 7:07 AM
I would imagine just about data hygiene. We have agreements with providers like Anthropic to handle our data differently than other orgs, so it would be a natural thing to separate this stuff even if there isn’t a way to reverse the encoding to get back at the input.
Ah, that is annoying. Only knew as we had an incident our side for Slack, lots of failed requests from their APIs.
November 10, 2025 at 8:48 PM
Ah, that is annoying. Only knew as we had an incident our side for Slack, lots of failed requests from their APIs.
Slack are having an outage unfortunately!
November 10, 2025 at 6:38 PM
Slack are having an outage unfortunately!
Bridging experience gaps like this has been the most useful thing for us adopting Claude. We were much lighter on frontend expertise than backend but have been reskilling a lot with docs and Claude to help.
Have fun!
Have fun!
October 25, 2025 at 1:53 PM
Bridging experience gaps like this has been the most useful thing for us adopting Claude. We were much lighter on frontend expertise than backend but have been reskilling a lot with docs and Claude to help.
Have fun!
Have fun!
100% agree, email comms is something I’ve missed since the day I joined my current place.
October 25, 2025 at 10:55 AM
100% agree, email comms is something I’ve missed since the day I joined my current place.
I’m really glad you enjoyed it!
We’ve built a huge amount of tooling to help us power these systems. If you catch me after I can show you a bit of it for real!
We’ve built a huge amount of tooling to help us power these systems. If you catch me after I can show you a bit of it for real!
October 23, 2025 at 12:42 PM
I’m really glad you enjoyed it!
We’ve built a huge amount of tooling to help us power these systems. If you catch me after I can show you a bit of it for real!
We’ve built a huge amount of tooling to help us power these systems. If you catch me after I can show you a bit of it for real!
Yeah to be clear I don’t think people pushing for wfh are actually lazy.
I was thinking of people who freely confess they have remote jobs so they can work much less when I mentioned in another thread (of whom I have met several) but I don’t think that’s the driver behind big wfh support!
I was thinking of people who freely confess they have remote jobs so they can work much less when I mentioned in another thread (of whom I have met several) but I don’t think that’s the driver behind big wfh support!
October 13, 2025 at 8:53 PM
Yeah to be clear I don’t think people pushing for wfh are actually lazy.
I was thinking of people who freely confess they have remote jobs so they can work much less when I mentioned in another thread (of whom I have met several) but I don’t think that’s the driver behind big wfh support!
I was thinking of people who freely confess they have remote jobs so they can work much less when I mentioned in another thread (of whom I have met several) but I don’t think that’s the driver behind big wfh support!
I’ve met people who are exactly like both claims, and many who aren’t.
Problem is the generalising. Means every discussion has people talking past each other.
Problem is the generalising. Means every discussion has people talking past each other.
October 13, 2025 at 6:50 PM
I’ve met people who are exactly like both claims, and many who aren’t.
Problem is the generalising. Means every discussion has people talking past each other.
Problem is the generalising. Means every discussion has people talking past each other.
Claiming you hate your family if you prefer in office is an equally poor generalisation as saying anyone who prefers remote is lazy.
I’m not trying to take a side in this, just find it frustrating these conversations always descend into ad hominem attacks like this.
I’m not trying to take a side in this, just find it frustrating these conversations always descend into ad hominem attacks like this.
October 13, 2025 at 6:17 PM
Claiming you hate your family if you prefer in office is an equally poor generalisation as saying anyone who prefers remote is lazy.
I’m not trying to take a side in this, just find it frustrating these conversations always descend into ad hominem attacks like this.
I’m not trying to take a side in this, just find it frustrating these conversations always descend into ad hominem attacks like this.
Hahahaha no it is ok, though I will accept a poorly done sketch to keep you entertained while in A&E.
This sucks though hope you’re alrigjt
This sucks though hope you’re alrigjt
July 25, 2025 at 5:08 AM
Hahahaha no it is ok, though I will accept a poorly done sketch to keep you entertained while in A&E.
This sucks though hope you’re alrigjt
This sucks though hope you’re alrigjt
Will you be providing a visual essay on this experience?
July 24, 2025 at 9:52 PM
Will you be providing a visual essay on this experience?
I expect pretty well now 😂
July 21, 2025 at 6:57 AM
I expect pretty well now 😂