hrbrmstr's Daily Drop

  • Drop #523 (2024-08-29): Happy ThursdAI!

    Today’s Drop covers creating a custom Ollama model to generate concise names for CVE vulnerabilities and discusses concerns about Google’s new Pixel 9 “Reimagine” feature. Additionally, it introduces “The Inference,” an editorial project by Danny Palmer exploring the impact of AI on cybersecurity and society

    hrbrmstr

  • Bonus Drop #57 (2024-08-03): Vector Similarly Search And RAG-Lite

    The weekend Bonus Drop concludes a miniseries on vector search operations with VSS in R. But wait! There’s more! We also work with Ollama and three models to build a “lite” retrieval augmented generation application over the CISA KEV corpus. #RStats

    hrbrmstr

  • Drop #514 (2024-08-09): DuckDB Vector Search

    Today’s Drop showcases DuckDB’s nascent vector search superpowers by walking through an example of how to generate embeddings for CISA KEV vulnerabilities, performing similarity search, and having Ollama guess good titles for clustered groups of KEV vulns. Tis def a code block-heavy post. #DuckDB #RStats

    hrbrmstr

  • Drop #508 (2024-07-31): Wild, Wild, Wednesday

    The Drop is caught up to Wed! Trail of Bits conducted a security audit of Homebrew, uncovering some concerns including executable code vulnerabilities and CI/CD issues. We look at the highlights in the Drop and shunt readers to the completel report for more details. I expanded my Mastodon-thread of the initial features of Apple Intelligence…

    hrbrmstr

  • Drop #495 (2024-07-08): Monday Afternoon Grab Bag

    Today’s potpourri Drop includes the evolution of text abbreviations (that ends in a weather surprise!), a new-ish color palette for accessible UI design, and the benefits of using low-tech developer tools.

    hrbrmstr

  • Drop #492 (2024-07-03): It’s Always DNS

    Today’s Drop takes a look at — RFC 9606 which introduces the RESINFO DNS resource record type, — doggo – a modern command-line DNS client written in Go, and — Microsoft’s Zero Trust DNS (ZTDNS) Framework.

    hrbrmstr

  • Drop #490 (2024-07-01): X-CMD

    Today’s Drop features X-CMD: a versatile POSIX script framework for CLI enhancement, supporting over 500 open-source tools, language runtimes, and AI/LLM services. It offers themes, navigation, shell completion, and interactive CLI tools. It integrates with AI/LLM services like GPT models, Gemini, and Ollama, and provides access to information sources. X-CMD also offers enhanced shell commands…

    hrbrmstr

  • Drop #467 (2024-05-15): Wonkish Wednesday

    Today’s proper Drop covers how Trail of Bits collaborates with Alpha-Omega and OpenSSF to enhance Homebrew’s security with cryptographically verifiable attestation; it also looks at Nimble and Lance V2 as Parquet replacements, and points to a sober piece on “The Heat Death of the Internet”.

    hrbrmstr

  • Bonus Drop #47 (2024-05-05): Publisher DoS Recovery Edition

    The Drop is off of hiaitus! Today, we cover Debian’s efforts to address the “2038 problem” by transitioning to a 64-bit time_t, the benefits of the REST Client extension for VS Codium, and the value of curated, opinionated lists of programming tools and libraries.

    hrbrmstr

  • Drop #454 (2024-04-18): Happy ThursdAI!

    Today’s AI-focused edition of the Drop discusses the usefulness of a Rust-based disk-usage tool, dua, for managing space occupied by AI models. It also explores a concerning development where LLM agents can autonomously exploit one-day vulnerabilities and a new experimental extension, DuckDB VSS, that accelerates vector similarity search using DuckDB’s new fixed-size ARRAY type.

    hrbrmstr