home.social

Search

12 results for “kstrlworks”

  1. Hi, I'm Sparrow. I run KstrlWorks where we build high-performance, privacy-first tools for Linux users.

    Built systems for F-35s and high-frequency trading desks. Now an executive that companies with deep pockets parachute into their disasters to fix operations and actually grow them.

    Currently shipping:
    HardPass - GPU passthrough and #VFIO that actually works. For #LinuxGaming and power users.

    I write about:
    - Real #EngineeringLeadership. The kind that prevents incidents, not LinkedIn motivational posters.
    - Running efficient, security-first teams that don't implode
    - #Virtualization, systems architecture, and #Bootstrapping
    - Building infrastructure so solid you never need to hire a fixer like me

    High-performance, privacy-first tools built with the same standards I use for critical systems. Linux users deserve that.

    Let's build things that work. 🐧

    #Linux #SelfHosted #TechLeadership #Privacy #Introduction #FOSS #VFIO

  2. Hi, I'm Sparrow. I run KstrlWorks where we build high-performance, privacy-first tools for Linux users.

    Built systems for F-35s and high-frequency trading desks. Now an executive that companies with deep pockets parachute into their disasters to fix operations and actually grow them.

    Currently shipping:
    HardPass - GPU passthrough and #VFIO that actually works. For #LinuxGaming and power users.

    I write about:
    - Real #EngineeringLeadership. The kind that prevents incidents, not LinkedIn motivational posters.
    - Running efficient, security-first teams that don't implode
    - #Virtualization, systems architecture, and #Bootstrapping
    - Building infrastructure so solid you never need to hire a fixer like me

    High-performance, privacy-first tools built with the same standards I use for critical systems. Linux users deserve that.

    Let's build things that work. 🐧

    #Linux #SelfHosted #TechLeadership #Privacy #Introduction #FOSS #VFIO

  3. Hi, I'm Sparrow. I run KstrlWorks where we build high-performance, privacy-first tools for Linux users.

    Built systems for F-35s and high-frequency trading desks. Now an executive that companies with deep pockets parachute into their disasters to fix operations and actually grow them.

    Currently shipping:
    HardPass - GPU passthrough and #VFIO that actually works. For #LinuxGaming and power users.

    I write about:
    - Real #EngineeringLeadership. The kind that prevents incidents, not LinkedIn motivational posters.
    - Running efficient, security-first teams that don't implode
    - #Virtualization, systems architecture, and #Bootstrapping
    - Building infrastructure so solid you never need to hire a fixer like me

    High-performance, privacy-first tools built with the same standards I use for critical systems. Linux users deserve that.

    Let's build things that work. 🐧

    #Linux #SelfHosted #TechLeadership #Privacy #Introduction #FOSS #VFIO

  4. Hi, I'm Sparrow. I run KstrlWorks where we build high-performance, privacy-first tools for Linux users.

    Built systems for F-35s and high-frequency trading desks. Now an executive that companies with deep pockets parachute into their disasters to fix operations and actually grow them.

    Currently shipping:
    HardPass - GPU passthrough and #VFIO that actually works. For #LinuxGaming and power users.

    I write about:
    - Real #EngineeringLeadership. The kind that prevents incidents, not LinkedIn motivational posters.
    - Running efficient, security-first teams that don't implode
    - #Virtualization, systems architecture, and #Bootstrapping
    - Building infrastructure so solid you never need to hire a fixer like me

    High-performance, privacy-first tools built with the same standards I use for critical systems. Linux users deserve that.

    Let's build things that work. 🐧

    #Linux #SelfHosted #TechLeadership #Privacy #Introduction #FOSS #VFIO

  5. Hi, I'm Sparrow. I run KstrlWorks where we build high-performance, privacy-first tools for Linux users.

    Built systems for F-35s and high-frequency trading desks. Now an executive that companies with deep pockets parachute into their disasters to fix operations and actually grow them.

    Currently shipping:
    HardPass - GPU passthrough and that actually works. For and power users.

    I write about:
    - Real . The kind that prevents incidents, not LinkedIn motivational posters.
    - Running efficient, security-first teams that don't implode
    - , systems architecture, and
    - Building infrastructure so solid you never need to hire a fixer like me

    High-performance, privacy-first tools built with the same standards I use for critical systems. Linux users deserve that.

    Let's build things that work. 🐧

  6. @TCatInReality @kstrlworks reminds me of #FuzzyLogic we investigated 40 years ago when studying chemistry at the University. At least it had the right name.

  7. RE: infosec.exchange/@Walker/11618

    For those curious, this bill defines a covered operating system as one where a single vendor controls the OS, device activation, and the application store.

    Because that does not describe Linux distributions, this requirement does not apply to Linux

    #ny #ageverify #infosec #privacy #linux

  8. Been seeing a lot of misleading claims from ID and age verification vendors lately. Let's be clear.

    - Client-side only face scan
    - Client-side only ID info extraction
    - Client-side only image to info comparison
    - Client-side only integrity witness
    - Server-side only gets 18+ or no (no other data, hash, or telemetry)

    If the implementation deviates from that at any step, the privacy claim is marketing, not architecture.

    The technical bar exists. It can be met and would satisfy all; UK, American, and Australian laws even on browsers. it's just inconvenient to meet it.

    #privacy #ageverify #infosec #security #uk #linux #California #colorado

  9. Risk modeling identifies your actual assets, realistic threats, and vulnerabilities. Then threat modeling maps HOW those threats exploit vulnerabilities. Skip risk modeling and you only model attack paths you randomly thought of, not ones that threaten your business.

    No defense standard lets you skip risk assessment. GrapheneOS does threat modeling for their chosen threats but without your risk model, critical HOWs never got modeled.

    Threat modeling without risk modeling is blind darts. You only secure the attack paths you randomly thought of.

    2/2

    #InfoSec #CyberSecurity #ThreatModeling #RiskManagement #Security #RiskAssessment #AppSec

  10. @buherator deployment numbers were specifically tied to engineering team deployment frequency. That said there were more metrics that went into decisions based on defined problems we were trying to solve as a measure and control. So good question. For this division I used the following:

    - deployment frequency: measure cadence of production deployments
    - lead time to change: find deployment pipeline bottlenecks
    - cycle time: track work duration to find process bottlenecks
    - time from stg to prod: isolate pre-production friction
    - code review time: is code getting to review that's wasting dev time to review as it's thoroughly wrong. Is there problems with our requirements
    - defect escape rate: measure dev/testing quality
    - support burden: track % sprint capacity on features vs refactoring
    - blocked story time: quantify impact of blockers on throughput
    - sprint commitment vs completion: measure predictability and scope creep
    #kpi #softwaredevelopment #softwareengineering #metrics #programming

  11. Azure's OpenAI from 2021 until almost the end of 2023 was allowed to actually use your data for training, even if they said it wasn't, including in a GCC environment (Government Cloud Computing). So yes, OpenAI effectively has gigabytes worth of classified information that you can just ask for due to companies like Ask Sage. Crazy how OpenAI gets rewarded for this, while whistleblowers get hunted down.