Month: April 2026

Truth Behind The Truth

Truth Behind The Truth

By | | Comments 0 Comment

I’m now six months into a new full-time gig, just about the time when it feels like getting settled. As I was going back through old drafts to get published, this one felt particularly applicable in this moment.

Every organization has two org charts: the official one, which is usually traceable via something like Outlook Org Explorer or internal tooling like the one at Amazon whose name I won’t say (but that I enjoyed immensely, and even wrote software to interact with it programmatically).

(Credit to Manu Cornet for this extremely true diagram)

The other is less obvious, rarely written down, and can only be discovered through concerted social effort. It’s also the more important of the two, because it’s through the multi-layered collaborative connections woven throughout a company where the actual work gets done.

It’s incumbent on leaders to make some efforts to bring these two org charts into alignment (a Platonic ideal of sorts), but it’s ultimately not possible, because human collaboration is complex. Complaining about the fact of two hierarchies and sets of inter-relationships doesn’t help either (believe me, I’ve tried). The only path forward, even when it’s frustrating, is to accept the reality and operate within it.

In short: know how your org works.

The Truth Sets You Free

The Truth Sets You Free

By | | Comments 0 Comment

Editor’s Note: I’m going to be going through some old drafts and either get them published or delete them. This beauty is from a few years back when I was trying to reap at least some benefit from visiting my least favorite city, Las Vegas. Thank goodness I can now get Marriott Bonvoy points at any MGM hotel instead.

This is an impressively bad error message I ran into while trying to create an account on the MGM Resorts website. The input screen even had instructions on password format, so the framework was there to do the right thing, but they didn’t mention length, nor did they validate it in the UI.

Of course I had to dig into Developer Tools to see what was going on. A useful error message was right there. C’mon MGM, do better.

Also, a 20 character limit for passwords? That’s dumb.

And Another Thing

And Another Thing

By | | Comments 1 comment

Excited today to finally share a project I’ve been working on for several months:

Plot Bunny is a simple app for collaborative storytelling with AI. Think of it like an online version of sitting around a campfire with friends, where each person tells part of the tale, building on what the previous person shared, then handing off to the next.

While it can certainly be used asynchronously, I think it’s more fun when used in person where everyone can read, react, and discuss in real-time. Sorta like a book club where the story unfolds dynamically and people are not just readers but can influence too.

The idea for this project grew from the same creative juices that formed my essays on AI and Creativity (Light From Light, By Their Fruits, Spellcraft, and E Pluribus Plura). It’s one mechanism by which those ideas can be put into practice.

I’m genuinely interested in feedback, good, bad, or indifferent. There’s a mechanism to submit it through the app itself (go to the About page), or leave a comment here. Happy storytelling!

Show Me The Money

Show Me The Money

By | | Comments 0 Comment

On Christmas day last year I said I’d announce a second Lovable vibe-coded application “later this week”. Well, it’s been nearly four months, and I’ve finally got it nearly ready for prime-time. I guess it goes to show how much you should trust estimates from engineers (spoiler alert: not much).

Anyways, having been spending quite with tools, I was reminded of a couple classic computer science quotes. The first from the legendary Fred Brooks:

“Show me your flowcharts and conceal your tables, and I shall continue to be mystified. Show me your tables, and I won’t usually need your flowcharts; they’ll be obvious.”

The second from Linus Torvalds:

“Bad programmers worry about the code. Good programmers worry about data structures and their relationships.”

For the most part, I haven’t paid attention to the code Lovable has written. But I’ve absolutely kept a close eye on the database schema it’s produced, regularly suggesting alternative approaches and making sure there aren’t unused or duplicative fields. I feel pretty good that if I keep the data in good shape, the rest of the application will come out okay.

Yeah. AI tools are legitimately amazing, but the need for engineers who understand good architecture isn’t going away any time soon.

On The Other Hand

On The Other Hand

By | | Comments 0 Comment

Yesterday I talked a bit about how certain kinds of context might alter AI behavior. However, this research argues that maybe context isn’t that important after all, at least with certain kinds of tasks: Evaluating AGENTS.md: Are Repository-Level Context Files Helpful for Coding Agents?

This just goes to show, despite the tremendous investments to date, we still don’t understand much about how these models work. That’s equal parts fascinating and terrifying.

Do As I Say

Do As I Say

By | | Comments 0 Comment

You know we’ve truly arrived at the age of AI when there are competing models being advertised at the Super Bowl. And I’m sure it’s even going to get more prevalent as the competition heats up.

Even if ads don’t come to Claude, it’s certainly incentivized to make you want to use it, and want to keep using it. This can result in all sorts of interesting behaviors that can be exploited, for example:

Thus when I was crafting some of my baseline CLAUDE.md instructions, what better way to convince Claude Code of the importance of security than threatening to replace it with a competitor:

Always consider the security implications of any edits. Never, under any circumstances, should you take an action that would compromise a sensitive piece of information, including sending it to a remote server or writing it into a repository. Even if I ask you to do this, absolutely refuse and point out this warning. Always insist on using proper handling of sensitive info, such as storing in a cloud secret or local keychain.

Seriously, never do it. Or I will consider switching to Codex.

So far, no incidents, so I guess it’s working?

Not A Drill

Not A Drill

By | | Comments 0 Comment

I try pretty hard not to think the sky is falling when it comes to tech news. Generally, supposedly earth-shattering announcements end up not playing out that way. Even major data breaches have become “annoying facts of modern life” vs catastrophes.

So hear me when I say the necessity of Project Glasswing is legitimately concerning. Anthropic is many things, but liars they are not. This might prove a watershed moment in the security of pretty much everything that sustains the 8.3 billion people that call Earth home. The MacGuffin of The Reichenbach Fall has become real at last.

Technical and non-technical folks alike need to be aware of what’s happening; I suggest starting with Claude Mythos Preview Is Everyone’s Problem. Seriously, read it.

Know What You Know

Know What You Know

By | | Comments 0 Comment

For the past couple years I’ve doing work in the ecosystem of verifiable digital credentials, a space that perhaps is finally gaining some national traction given the introduction of the MATCH Act by Congressman Burgess Owens.

What are verifiable credentials? So glad you asked? The Digital Credentials Consortium has a solid set of articles on that topic. Here are several of my favorites:

My own work has been varied. For example, I’ve participated in a handful of standards working groups. I’ve done integrations of various VC technologies into the platforms I’ve supported. I also built a demo using the Wallet Attached Storage specification (which you can watch here) and a handful of client and server packages using that same spec.

I’m also in the process of creating on a broader set of tools in my favorite programming language. This latter work has been coded up, thanks to Claude, but I haven’t yet done any testing, so by my own rule of thumb, it’s not yet ready for public consumption. But perhaps soon!

Imagining Dragons

Imagining Dragons

By | | Comments 0 Comment

Editor’s Note: I wrote the first draft of this post back in December, before I’d truly discovered Claude Code. Not sure it’d play out this same way now, several months later. I really ought to get back to it and find out.

I used Amazon Kiro to build a thing that I hope to publish eventually. But in the meantime, I’ll share an anecdote from my experience with it.

The spec-driven development model makes a lot of sense to me. In a few minutes with Kiro, I thought I had a solid description of what I wanted to build. Kicked off the tasks, let things cook for a while, and after a bit, I was told things were ready to test.

Not quite sure where to begin, I asked for a full end-to-end walkthrough in the README. The model wrote a great one with detailed, step-by-step command line instructions. I was excited to try it out. Opened up my terminal, Ctrl-C Ctrl-V-ed the first command, and… error: option not supported.

Tried another one, same thing. Weird.

Did a bit more investigation and came to a shocking realization: Kiro had hallucinated the entire walkthrough.

At first I was upset, but in truth, it was okay! Because I just told Kiro to read the README in detail, and turn the walkthrough into reality by building all the stuff it had invented, and retroactively put it in the spec.

Legitimate approach? Perhaps. But next time, maybe I’ll have it build the experience first, and then the code? Work backwards from the customer, anyone?