Detection-in-depth is an evolution of the classic cybersecurity principle known as defense-in-depth. Defense-in-depth means that no single security control can fully protect an environment—instead, multiple layered defenses must work together to slow down, detect, and ultimately stop adversaries.
These layers create redundancy, ensuring that if one layer fails, another stands ready to catch the threat. Detection-in-depth applies this same layered philosophy specifically to detection and monitoring. Rather than relying on a single detection point, it ensures that adversary activity can be caught at multiple stages, through multiple methods, and across multiple levels of abstraction. This creates a resilient, overlapping detection strategy that minimizes blind spots and maximizes the chance of identifying attackers anywhere in their kill chain progression. — Read More
Monthly Archives: May 2025
Building a Distributed Cache for S3
We’ve built a distributed cache for cloud object storage: a shared, low-latency layer that gives all compute nodes fast access to hot data.
This post looks under the hood: how hot data caching worked before, why object storage made it hard, and how the new architecture fixes it. Benchmarks included. — Read More
How AI Is Eroding the Norms of War
Since 2022, I have reported on Russia’s full-scale invasion of Ukraine, witnessing firsthand the rapid evolution of technology on the battlefield. Embedded with drone units, I have seen how technology has evolved, with each side turning once-improvised tools into cutting-edge systems that dictate life and death.
In the early months of the war, Ukrainian soldiers relied on off-the-shelf drones for reconnaissance and support. As Russian forces developed countermeasures, the two sides entered a technological arms race. This cycle of innovation has transformed the battlefield, but it has also sparked a moral descent — a “race to the bottom” — in the rules of war.
In the effort to eke out an advantage, combatants are pushing ethical boundaries, eroding the norms of warfare. Troops disguise themselves in civilian clothing to evade drone detection, while autonomous targeting systems struggle to distinguish combatants from noncombatants.
The evolution of automated drone combat in Ukraine should be a cautionary tale for the rest of the world about the future of warfare. — Read More
Attention Wasn’t All We Needed
There are a lot of modern techniques that have been developed since the original Attention Is All You Need paper. Let’s look at some of the most important ones that have been developed over the years and try to implement the basic ideas as succinctly as possible. We’ll use the PyTorch framework for most of the examples. Note that most of these examples are highly simplified sketches of the core ideas; if you want the full implementation, please read the original paper or the production code in frameworks like PyTorch or Jax.
The Man Who ‘A.G.I.-Pilled’ Google
A few years ago, most Google executives didn’t talk about A.G.I. — artificial general intelligence, the industry term for a human-level A.I. system. Even if they thought A.G.I. might be technically possible, the idea seemed so remote that it was barely worth discussing.
But this week, at Google’s annual developer conference, A.G.I. was in the air. The company announced a slate of new releases tied to Google’s Gemini A.I. models, including new features designed to let users write A.I.-generated emails, create A.I.-generated videos and songs, and chat with an A.I. bot on the flagship search engine. Google’s leaders traded guesses about when more powerful systems might arrive. And they predicted profound changes ahead, as A.I. tools become more capable and autonomous.
The man most responsible for making Google “A.G.I.-pilled” — industry shorthand for the way people can become gripped by the notion that A.G.I. is imminent — is Demis Hassabis.
… This week on “Hard Fork,” we interviewed Mr. Hassabis about his views on A.G.I. and the strange futures that might follow its arrival. You can listen to our conversation by clicking the “Play” button below or by following the show on Apple, Spotify, Amazon, YouTube, iHeartRadio or wherever you get your podcasts. Or, if you prefer to read, you’ll find an edited transcript of our conversation, which begins about 24 minutes into the podcast, below. — Read More
Evaluation Driven Development for Agentic Systems.
I have been developing Agentic Systems for around two years now. The same patterns keep emerging again and again, regardless of what kind of systems are being built.
I have learned them the hard way and many do so as well. The first project is not a great success, but you learn from the failures and apply the learnings in the next one. Then you iterate.
Today, I am sharing my system of how to approach development of LLM based applications from idea to production. Use it if you want to avoid painful lessons in your own projects. — Read More
Anthropic’s new Claude 4 AI models can reason over many steps
During its inaugural developer conference Thursday, Anthropic launched two new AI models that the startup claims are among the industry’s best, at least in terms of how they score on popular benchmarks.
Claude Opus 4 and Claude Sonnet 4, part of Anthropic’s new Claude 4 family of models, can analyze large datasets, execute long-horizon tasks, and take complex actions, according to the company. Both models were tuned to perform well on programming tasks, Anthropic says, making them well-suited for writing and editing code.
Both paying users and users of the company’s free chatbot apps will get access to Sonnet 4 but only paying users will get access to Opus 4. — Read More
Forget IPs: using cryptography to verify bot and agent traffic
With the rise of traffic from AI agents, what’s considered a bot is no longer clear-cut. There are some clearly malicious bots, like ones that DoS your site or do credential stuffing, and ones that most site owners do want to interact with their site, like the bot that indexes your site for a search engine, or ones that fetch RSS feeds.
Historically, Cloudflare has relied on two main signals to verify legitimate web crawlers from other types of automated traffic: user agent headers and IP addresses. The User-Agent header allows bot developers to identify themselves, i.e. MyBotCrawler/1.1. However, user agent headers alone are easily spoofed and are therefore insufficient for reliable identification. To address this, user agent checks are often supplemented with IP address validation, the inspection of published IP address ranges to confirm a crawler’s authenticity. However, the logic around IP address ranges representing a product or group of users is brittle – connections from the crawling service might be shared by multiple users, such as in the case of privacy proxies and VPNs, and these ranges, often maintained by cloud providers, change over time.
… Today, we’re introducing two proposals – HTTP message signatures and request mTLS – for friendly bots to authenticate themselves, and for customer origins to identify them. In this blog post, we’ll share how these authentication mechanisms work, how we implemented them, and how you can participate in our closed beta. — Read More
The AI Engineering Stack
“AI Engineering” is a term that I didn’t hear about two years ago, but today, AI engineers are in high demand. Companies like Meta, Google, and Amazon offer higher base salaries for these roles than “regular” software engineers get, while AI startups and scaleups are scrambling to hire them.
However, closer inspection reveals AI engineers are often regular software engineers who have mastered the basics of large language models (LLM), such as working with them and integrating them.
So far, the best book I’ve found on this hot topic is AI Engineering by Chip Huyen, published in January by O’Reilly. Chip has worked as a researcher at Netflix, was a core developer at NVIDIA (building NeMo, NVIDIA’s GenAI framework), and cofounded Claypot AI. She has also taught machine learning (ML) at Stanford University. — Read More
AI in Search: Going beyond information to intelligence
We launched AI Overviews last year at I/O, and since then there’s been a profound shift in how people are using Google Search. People are coming to Google to ask more of their questions, including more complex, longer and multimodal questions.
AI in Search is making it easier to ask Google anything and get a helpful response, with links to the web. That’s why AI Overviews is one of the most successful launches in Search in the past decade. As people use AI Overviews, we see they’re happier with their results, and they search more often. In our biggest markets like the U.S. and India, AI Overviews is driving over 10% increase in usage of Google for the types of queries that show AI Overviews. This means that once people use AI Overviews, they’re coming to do more of these types of queries, and what’s particularly exciting is how this growth increases over time. And we’re delivering this at the speed people expect of Google Search — AI Overviews delivers the fastest AI responses in the industry.
We’re continuing to advance Search with AI, and today at I/O, we showed the latest in how we’re building the future of Search, as we go beyond information to intelligence. Here’s a look at everything we announced. — Read More