Security

“Autonomous cluster management” — the promise that an AI can monitor your Kubernetes cluster, diagnose problems, and perhaps even fix them without human intervention. It sounds like the holy grail for platform engineers. The reality is more nuanced. In this post I test K8sGPT with a locally running Llama 3.3 70B model on Apple Silicon. No cloud APIs, no data leaving your network, fully sovereign. Is this usable for real cluster diagnosis? Let’s find out. ...

Three trends are converging right now that should terrify anyone paying attention. Each one alone would be concerning. Together, they fundamentally change the privacy calculus. Let me explain why privacy matters more in 2026 than at any point in human history. Trend 1: Mass Data Collection Is Complete This isn’t news. We’ve known for over a decade that every email, every text message, every phone call, every location ping, every purchase, every search query is being collected somewhere. The Snowden revelations were 2013. We’ve had thirteen years to process this. ...

There’s a moment when everything clicks. You plug in your YubiKey, type your PIN once, and then everything just works. SSH to servers? No password. Sign git commits? Automatic. Get a password from pass? Touch the key and done. That moment took me about three evenings of frustration to reach. But now that it works, I never want to go back. Why This Setup? I had a problem: too many authentication methods. ...

I used KeePass for years. Then 1Password. Then Bitwarden. All decent tools, but they always felt… like too much. Too much UI, too many features, too much hassle to integrate properly into my workflow. Then I discovered pass. A password manager that does exactly what the name says: store passwords. Nothing more, nothing less. What is pass? Pass is the “standard unix password manager.” It’s a shell script of ~700 lines that stores passwords as GPG-encrypted files in a directory. That’s it. No database, no proprietary format, no built-in cloud sync. ...

GPG is one of those tools everyone “should learn someday” but nobody wants to. The documentation is overwhelming, the terminology confusing, and the error messages cryptic (pun intended). But GPG is also essential. It’s the foundation for pass, for signed git commits, for encrypted email, and for verifying software downloads. If you’re serious about security, you can’t avoid it. This is the guide I wish I had when I started. What is GPG actually? GPG (GNU Privacy Guard) is an implementation of the OpenPGP protocol. It does two things: ...