One of my favorite things about tech is uncovering the little historical moments that connect the dots to where we are today.

And one of those key moments is Siri’s flash of brilliance and sudden decline.

Apple dropped Siri (in 2011—14 years ago), and it was groundbreaking. You could talk to your phone and get real, conversational answers. You thought you were living in the future.

If you can reach back in your memory, you might recall the kind of answers Siri used to give. In retrospect, some of them were wild. You could ask it questions like, Is Jesus Lord? and it would give you an actual answer.

Learning Is Not A Crime

The big picture: When a human reads something and learns from it, nobody accuses them of copyright infringement.

So why does the equation change just because a computer is doing the learning?

It doesn’t. Learning isn’t infringement; it’s what we do. In the copyright world, this category is called “fair use”.

But this one time….

Let’s tackle a common pushback:

“But I found this AI that can reproduce a copyrighted work or excerpt, word for word!”

A useful yet rarely repeated insight: software engineering is construction work with better lighting and fewer splinters. AI has only made this analogy sharper—and it’s why software engineering isn’t going anywhere, no matter how many robots we throw at it.

If you’ve ever swung a hammer on a job site, you might think at first glance, A robot could do this. Nail goes here, board goes there, repeat.

But spend five minutes actually building something, and you’ll see why that’s nonsense. Even the “standard” stuff—like slapping together a house, one of the ten million built this decade—never stays standard. The foundation’s off by an inch. The client wants a weird skylight. The last subcontractor botched the plumbing. Your boss is incompetent (he gives you incorrect prompts), but good ol’ Jim’s been here 20 years and knows where the bodies are buried. Robots don’t handle that mess. Creativity does. Humans do.

Jevon’s Paradox is my all-time favorite paradox (doesn’t everybody have one?), one of those concepts that reshapes how you think about the nuts and bolts of the world.

Named after 19th-century economist William Stanley Jevons, the paradox observes that making a resource more efficient leads to more, not less, consumption of that resource.

The driving example is energy. Suppose power plants become twice as efficient, burning half the fuel to produce the same amount of energy. The naive assumption would be that society would use half as much fuel. But in practice, as energy becomes cheaper and more accessible, new use cases emerge. Instead of using less fuel, we use more: heating entire homes, producing more in our factories, and inventing entirely new markets.

The first and most basic thing to understand about LLMs is that they are statistical models of language. That’s it.

Some people see their incredibly impressive output and say, Statistics? It’s more than just statistics!

But it really is just statistics.

And that’s why you can start using it and stop hiding under your bed.

LLMs Learn Language Similarly to Humans

When humans are born, they know no specific words. They acquire language simply by listening to how others use it.

After 6 years hacking cloud infrastructure at Oracle, I’ve packed up and joined the startup life.

I’m partnering with Joe, creator of Smart Pricing Table, an insanely helpful proposal-writing platform for agencies (or anyone).

What makes Smart Pricing Table worth this investment?

1. The product is actually helpful, and truly loved by its users.
2. Joe is the perfect founder for this product, with years of actual agency experience.

There are a lot of “proposal software” products out there… and they’re mostly glorified word processors + signature software.

TLDR

Use --immediate-mode* **, e.g.

tcpdump --immediate-mode -w out.pcap

And then use Ctrl+C to stop tcpdump whenever you feel like it, without fear of data loss.

* --packet_buffered should do the trick but is not present in older versions of tcpdump; see below.

** But if you’re just printing to the console (that is, not using -w to save to a file), then the non-lossy behavior will be enabled by default, so no need to use these options.

Today I learned about SYSVOL, Groups.xml, and how it can contain admin passwords (in an insecure configuration). Long story short, if you gain access to a SYSVOL share, poke around and check for Groups.xml and its cpassword field (or any file with cpassword).

Decrypting the password is easy with gpp-decrypt (see also a more modern and slick gpp-decrypt in Python).

And my favorite tidbit was finding xq, “jq for XML” — a slick tool for grabbing values out of an XML file. I used a fork with a --raw option: https://github.com/boyska/xq

In an effort to achieve platform independence, I am reposting popular blog posts from years ago. Adjust accordingly, and enjoy!

Originally posted on Medium, 2016-02-10.

A few months ago, I started looking at fuzzing tools. Finding a decent open source tool to use was more trouble than I expected, so I decided to write about it here.

tl;dr

I went with Sulley because it is open source and much more usable than Peach. However, it is less mature, bugs and all, so much so that I needed to fork the project to keep using it. The new project is called boofuzz.

🌈

As you know, tcpdump is a handy command line version of Wireshark. Among its use cases is running from a headless server, from within tmux, or just feeling more l33t by running everything from the command line.

While using tcpdump recently for some in-depth monitoring and debugging, my soul pined for colored output to highlight IP addresses, ports, MAC addresses, etc. There is an old feature request for this very option, not yet implemented. tshark has a --color option which adds handy Wireshark-themed coloring to your packet summary — cool, but not what I was looking for.