The Model Context Protocol has transformed how we connect AI to tools. But connecting agents to tools is only half the battle — connecting agents to each other is where the real challenge begins. I recently read @raviteja_nekkalapu_'s excellent article "I built an AI security Firewall and made it open source because production apps were leaking SSNs to OpenAI" and it resonated deeply with challeng
AutoGen-style workflows usually look harmless at the message level. One agent reads something. The problem starts when the first thing was not trusted. Maybe it was a support ticket. Maybe a PDF. Maybe a web page. Maybe an email thread. The first agent reads it, produces a clean summary, and that summary moves into the next agent step. After one or two turns, the original source is no longer visib
Most developers don’t trust AI. Until it writes code that works. Then suddenly… they do. You paste a prompt. You move on. No deep review. No second guessing. Because it looks right. That’s the moment trust creeps in. AI-generated code isn’t the real issue. We assume: the logic is correct the inputs are handled safely the dependencies are fine the security is “good enough” But AI doesn’t know your
A deeply-synthesized, opinionated reference distilled from five canonical sources: donnemartin/system-design-primer · ByteByteGoHq/system-design-101 · karanpratapsingh/system-design · ashishps1/awesome-system-design-resources · binhnguyennus/awesome-scalability Use it as: a study guide for interviews, a checklist for design reviews, and a vocabulary for cross-team discussions. 📖 How to Use This
Your requests may look like a real browser, but they’re still getting blocked. Even when requests include realistic headers, they can still be detected if HTTP/2 behavior, such as header ordering, pseudo-header structure, and frame sequencing, does not match real browsers. These low-level inconsistencies reduce stability and reliability, making automated traffic easier to identify. In HTTP/2, head
Technical Beauty — Episode 34 Open the sudo CHANGELOG and search for the word "security". Make a cup of tea first. The list is rather long for a tool whose entire job is to ask three questions: who are you, what would you like to run, and may you. In July 2015, Ted Unangst grew tired of negotiating with the sudo configuration on OpenBSD and wrote his own. He called it doas: dedicated OpenBSD appli
My blog is 3 months old. 50+ articles published, a database-free comment system, a honeypot anti-spam, CSRF protection. This morning, first comment. From RobertqueRy. On a gRPC Go article. Promoting an online gaming site in Bangladesh. Welcome to the internet. Here's what appeared in my comment JSON file, faithfully reproduced (link redacted): RobertqueRy — March 21, 2026 "Players in Bangladesh a
Introduction Code reviews. For many developers, they are a necessary evil — a box to check in the development process. However, I have come to appreciate them as a powerful tool for elevating code quality, fostering collaboration, and improving team dynamics. Today, I want to share my journey from viewing code reviews as a mundane task to recognizing their critical role in successful projects. L