CTO & Co-Founder @InferaDB — the Authorization Database. Previously @Okta, @Auth0, @OpenFGA and @Ushahidi.

Joined January 2007
Wow! I am genuinely so insanely impressed with Vivaldi 8.0. I've tried it off and on over the years, but it never felt quite "right" to me. But they really nailed it with this new release. So well polished, with so many quality of life features. Compact tab spacing is a life saver!
So, bizarre question — does anyone know of any wireless (ideally solar-recharged battery) backup cameras that have CarPlay apps in the US market? Looking to install a backup camera in my fiancé's car, but he already has a CarPlay unit. I’d rather avoid hard wiring and adding a HUD just for it.
Wonder Man was even better than I expected. Sir Ben Kingsley and Yahya Abdul-Mateen II never disappoint.
No one warned me Mr. Door was in The Night Manager
Harness engineering
Everyone seems to remember that Icarus flew too close to the sun, but not that his father also told him not to fly too low and let the sea dampen his wings. We only ever tell half the story: the falling half. Hubris makes a better cautionary tale than mediocrity does. Daedalus understood something we don't like to admit — both directions kill you. The only safe altitude is the one that requires constant adjustment.

Someone called me obsessive recently. They corrected themselves almost immediately and said extreme, like it helped. I've been thinking about it since because I couldn't work out if it was a warning or a compliment, or both. Gripping something too tightly doesn't just exhaust you — it changes what you're holding. The thing you're protecting starts demanding pieces of you to sustain itself.

Somewhere between telling other people's stories, writing my own, and trying to be useful to both, I realized the question isn't whether to go all in. It's what you're going all in on, and whether you're building it or feeding it. The real choice isn't between obsession and balance. It's between intentional intensity and directionless drift. One requires you to know exactly what you're optimizing for. The other just requires you to keep showing up.

Most people who burn out aren't flying too close to the sun — they're flying toward the wrong thing entirely. The wax doesn't care how hard you're working. It only cares whether the heat is coming from your direction or your fuel. The trick isn't learning to feel the wax soften before the feathers go. It's being honest enough with yourself to know the difference between burning for something and just burning.
I always appreciate when Claude resorts to question and exclamation marks in its statements — it's reassuring knowing I'm not the only one deeply confused as to what's going on.
Authentication and authorization alone don't achieve tenant isolation. A user can be fully authenticated, fully authorized for their own tenant — and still access another tenant's resources if isolation isn't enforced at the infrastructure level.

This isn't theoretical. Cross-tenant data exposure from misconfigured APIs increased 17% in SaaS environments this year. PostgreSQL CVE-2024-10976 showed RLS policies silently failing below subqueries. CVE-2025-8713 revealed optimizer statistics leaking data from rows RLS was supposed to hide. Shared caches without tenant scoping serve the right answer to the wrong customer. Connection pool contamination and async context leaks cause RLS to fail silently.

2026 is being called "the year SaaS breaches go from trend to epidemic." The root cause is the same: authorization and isolation are implemented at the application layer, where a single missed WHERE clause exposes everything.

InferaDB enforces tenant isolation at the storage engine level:
• Cryptographic isolation — not row-level security bolted onto a general-purpose database
• Every permission check is tenant-scoped by default
• Cross-tenant access is architecturally impossible, not just policy-restricted
• 2.8 microsecond p99 latency — isolation doesn't mean slow

We built this because we saw the same failures at Auth0. It's what we wished existed.

Join 200 teams on the early access list: inferadb.com/waitlist
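Two of the failure modes the post above names, the missed WHERE clause and a pooled connection carrying one request's tenant context into the next, can be made concrete on plain PostgreSQL. The script below is an added example for this page; it is not InferaDB code and not from the post. The table, role and setting names (`documents`, `app_rw`, `app.tenant_id`) and the two sample tenant IDs are assumptions.

```sql
-- Added example (not from the post, not InferaDB's code): PostgreSQL
-- row-level security keyed on a per-transaction setting. All names assumed.
CREATE TABLE documents (
    id        bigserial PRIMARY KEY,
    tenant_id uuid      NOT NULL,
    body      text      NOT NULL
);

-- The application connects as a role that is neither the table owner nor
-- BYPASSRLS; otherwise the policies below are simply not applied to it.
CREATE ROLE app_rw NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON documents TO app_rw;
GRANT USAGE, SELECT ON SEQUENCE documents_id_seq TO app_rw;

ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
ALTER TABLE documents FORCE ROW LEVEL SECURITY;   -- the owner is not exempt either

-- current_setting(..., true) returns NULL if the option was never set in
-- this session, but '' once it has been set and then reset at transaction
-- end. NULLIF folds both into NULL, the comparison is then NULL, and the
-- policy yields no rows and admits no writes: fail closed, not fail open.
CREATE POLICY tenant_isolation ON documents
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- Constructed sample data: one row for each of two tenants.
INSERT INTO documents (tenant_id, body) VALUES
    ('11111111-1111-1111-1111-111111111111', 'tenant A, doc 1'),
    ('22222222-2222-2222-2222-222222222222', 'tenant B, doc 1');

SET ROLE app_rw;

-- Per-request pattern: bind the tenant for THIS transaction only.
BEGIN;
SET LOCAL app.tenant_id = '11111111-1111-1111-1111-111111111111';
-- No WHERE clause, and still only tenant A's row comes back. The predicate
-- lives in the policy, so a developer forgetting it in a query is not a leak.
SELECT id, body FROM documents;
COMMIT;

-- Writes carrying a foreign tenant_id are rejected by WITH CHECK. Shown in
-- its own transaction because the error aborts the transaction it occurs in.
BEGIN;
SET LOCAL app.tenant_id = '11111111-1111-1111-1111-111111111111';
INSERT INTO documents (tenant_id, body)
    VALUES ('22222222-2222-2222-2222-222222222222', 'smuggled');
    -- ERROR: new row violates row-level security policy for table "documents"
ROLLBACK;

-- After COMMIT/ROLLBACK the SET LOCAL is gone. If a pooler now hands this
-- connection to another request, that request sees nothing until it binds
-- its own tenant, which is the behaviour you want from a shared connection.
SELECT count(*) FROM documents;   -- 0

-- The contamination bug: a session-level SET survives COMMIT, so in
-- transaction-pooling mode (PgBouncer and similar) the next client on this
-- connection silently inherits tenant A. Never bind the tenant this way.
-- SET app.tenant_id = '11111111-1111-1111-1111-111111111111';

-- Cheap invariant for a pool reset hook or a smoke test: outside a request
-- the binding must be absent.
SELECT NULLIF(current_setting('app.tenant_id', true), '') IS NULL AS tenant_unbound;   -- true

RESET ROLE;
```

From application code the same binding is `set_config('app.tenant_id', $1, true)` issued inside the request's transaction; the third argument (`is_local`) is what keeps it from outliving the transaction. The async-context leak the post mentions is the application-side twin of the `SET` line above: whatever carries the tenant ID between the request handler and the query (a context variable, a request object) has to be re-read per query, not captured once when a task is created.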
Model Context Protocol (MCP) is becoming the standard for connecting AI agents to enterprise systems. But its authorization model has a fundamental problem.

MCP formalizes context exchange — but doesn't validate the legitimacy of what enters that context. Malicious content in the pipeline becomes part of the agent's decision-making.

The risks:
- Over-permissioning: connectors expose too much, agents access data beyond task scope
- Confused deputy attacks: malicious clients exploit proxy servers to get authorization without consent
- Token scope creep: broadly scoped, long-lived tokens become attack vectors
- Prompt injection: manipulated context steers agents into unsafe tool use

The MCP spec uses OAuth for authorization, but the implementation conflicts with modern enterprise security practices. Efforts are underway to fix this — production deployments aren't waiting.

Authorization can't be an afterthought bolted onto your agent framework. InferaDB provides the authorization layer MCP deployments need:
- Fine-grained, context-aware permission checks at microsecond latency
- Scoped, short-lived authorization decisions — not broad token grants
- Cryptographic audit trail for every agent action
- Purpose-built infrastructure, not policy rules duct-taped to a general-purpose database

The agent era needs authorization infrastructure built for agents: inferadb.com/waitlist
Only 22% of teams treat AI agents as independent identities. The rest? Shared API keys.

That's from the 2026 State of AI Agent Security Report. 81% of teams have deployed AI agents past the planning phase. But only 14.4% have full security approval. Agents are calling APIs, accessing databases, acting on behalf of users — with zero fine-grained authorization. 88% of organizations confirmed or suspected agent-related security incidents this year.

The problem isn't that agents are dangerous. It's that we're giving them the keys to the kingdom without building the lock.

InferaDB is authorization infrastructure built for this:
• Agents get scoped, identity-aware permissions — not shared API keys
• Every permission check completes in 2.8 microseconds at p99
• Every decision is logged with a cryptographic audit trail
• Tenant isolation is enforced at the storage layer, not the application layer

We built OpenFGA at Auth0. We've seen what breaks at scale. Now we're building what we wished existed.

200 teams are already on the early access list: inferadb.com/waitlist
I don't quite know how Marathon's graphic realism aesthetic fits into enterprise software yet, but I can't help wanting every UI I touch to have it. It's just gorgeous.
Broken access control has been the #1 risk on the OWASP Top 10 for two consecutive releases (2021 and 2025). 100% of applications tested by OWASP researchers had some form of broken access control. Three of the top five positions on the OWASP API Security Top 10 are authorization failures — BOLA, broken function-level authorization, and broken object property-level authorization. The average data breach costs $4.88M.

Why does it persist? Automated scanners can't interpret business intent. Authorization logic gets scattered across microservices, implemented differently by every developer, with invisible gaps between services.

The fix isn't better code review. It's better infrastructure.

InferaDB is purpose-built authorization infrastructure:
• Centralized policy enforcement across every service
• Relationship-based access control (ReBAC) — not static role lookups
• Every decision is explainable, traceable, replayable
• Built by the team that helped create OpenFGA (CNCF incubating, used by Grafana Labs, Docker, Canonical)

Early access: inferadb.com/waitlist
You should see my schedule; I'm positively bedeviled with meetings, etcetera.
If you're building with agents, the question isn't if you need fine-grained authorization. It's whether your auth system can prove it's working correctly. AI agents don't ask for permission twice. They make a decision, call your API, access your data. If your access control drifted out of sync last week, you won't know until it's already happened. That's what we're building with InferaDB — authorization infrastructure with cryptographic verification built in. We're locking in launch pricing and working directly with early teams on integration. If you're building AI-native products or multi-tenant SaaS where permissions actually matter — sign up: inferadb.com/waitlist
Just shipped the new InferaDB website — really proud of how the developer docs, blog (Dispatch), and changelog turned out. inferadb.com First time working with animating SVG. Love the subtle effect it gives Dispatch posts when they load in and on hover. Best part? Runs entirely on GitHub Pages. Just Markdown, Jekyll, and custom templating.
OK, I really really loved "Good Luck, Have Fun, Don't Die". Tremendously fun movie
Incredible to see my PHP framework (PSR Discovery) just passed 8 million downloads!
Really humbling seeing how many projects have integrated it, directly or through other dependencies. You can learn more about PSR Discovery at github.com/psr-discovery — it really helps take the headaches out of supporting interoperable components in your libraries!
I couldn't sleep last night, so I tinkered around and built a tool I've wanted for a while: a no-fuss code coverage reporter for GitHub Actions. Tools like Codecov are convenient, but I think the added overhead of an external service dependency and secrets is overkill.
The README includes recipes for integrating Coverlint with GitHub's Code Scanning (SARIF uploading), creating coverage PR comments, etc. Badges and baseline data can be stored in an orphan branch on repos, so all your data stays in-house and never leaves your repos and runners.
It was a fun project to build, and nice to finally check that off my projects bucket list.