Notes from the field.
Patterns, lessons, and unfinished thoughts on technical leadership, AI systems, and building things that ship.
- · ai · security · engineering
Containment beats permission
Coding agents should run unsupervised, but inside a dev environment that's safe to be wrong in. The agent boundary is the wrong line to defend.
- · business · pricing
Let the price do the migration
Most companies run a migration campaign to clear users off a deprecated API. Anthropic just tripled the price of theirs and let market forces do the work.
- · security · leadership · infrastructure
GitHub got hacked
GitHub had 3,800 internal repos exfiltrated via a poisoned VS Code extension. If your private repos have ever held a secret, rotate it today.
- · business · marketing
Marketing is the work
Brent Roose says PHP's biggest problem is marketing, not the tech. The same is true of almost every business that's quietly good at what it does.
- · ai · business
Reselling tokens isn't a business
OpenAI is reportedly burning $1.69 for every dollar earned, and Anthropic is already raising prices. If your AI business is mostly API markup, the price floor is coming for you.
- · ai · local-first
Multi-token prediction, on a small laptop
Google shipped multi-token prediction for Gemma 4. The headline 3x speedup is for big GPUs, but the edge-model drafters quietly target laptops like mine.
- · ai · engineering · leadership
Vibe coding isn't engineering
Engineers treat coding agents as smart junior devs. Vibe coders treat them as their CTO. The gap matters more than the AI hype suggests.
- · meta
Welcome to Notes
What this section is for, what to expect, and the loose rules I'm writing it under.