AI 资讯
The foundational elements of AI architecture that IT leaders need to scale
With the rapid progress of AI capabilities and the move to agentic systems, organizations are expanding their use cases as the technology continues to grow. That constant evolution also introduces risk, leaving IT leaders to wonder which investments will prove valuable even six months into the future. Returning to the foundational elements of AI architecture—the…
科技前沿
Hisense UR9 RGB MiniLED: An Affordable TV in Its Class
The brand’s UR9 competes with similar offerings from higher-end brands like Samsung and LG.
创业投融资
Best Indoor Garden Systems: I've Been Testing All Year (2026)
Grow a backyard’s worth of greens and vegetables in your house with a vertical hydroponic garden. Here are a few that might be worth the investment.
科技前沿
People Used to Control Machines. They Don’t Anymore
In a world regulated by devices, humanity has become disconnected from the physical world—from stick-shift cars to postcards.
AI 资讯
Erling Haaland Is Everywhere at the World Cup. Most of It Is AI
Norwegian striker Erling Haaland isn’t just a footballer anymore. He’s become an internet character perpetuated by fans and AI.
开发者
State colocation is not a preference, it is an architecture
The first question I ask when reviewing a frontend architecture is: where does the state live relative to where it is used? In most codebases I have reviewed, the answer is "in a global store, regardless of scope." This is the wrong default. The rule State should live as close to its consumers as possible. If only one component needs it, it is component state. If a subtree needs it, it is a context or service scoped to that subtree. Global state is for truly global concerns: authentication, locale, theme.
AI 资讯
AWS Is Not Simpler. Agents Just Got Better at Reading It.
I optimized my architecture for the wrong model. I used to think black-box infrastructure was the right abstraction for AI-driven development. Vercel, Supabase, Cloudflare Workers — a sharp contract in front, a managed backend behind — felt like the obvious fit. The less an agent had to reason about, the fewer places it could get lost. Give it a clean interface, hide the messy backend, move fast. I still think that was right for the agents we had last year. I don't think it's right for the agents we're starting to use now. The shift is not that AWS got simpler. It didn't. Setup still takes longer, CI/CD takes more work to wire, and cost control has real limits. The shift is that agents got better at reading complexity — and once an agent can actually use a large structured context, the things I treated as overhead (resources, provider schemas, IAM policies, explicit queues, explicit alarms, explicit networks) become the highest-signal context I can hand it. To keep this concrete, I'm holding the tool constant. This is HCL/Terraform on AWS vs HCL/Terraform on Cloudflare — same language, same workflow, two providers. The inversion Agents are… Best served by… Context-poor (last year's loops) Black boxes — shrink the surface, hide the backend Context-rich (now) Inspectable systems — describe everything as code The one-line version: The better agents get at reading, the more valuable explicit infrastructure becomes. I didn't become more pro-AWS because AWS got easier. I became more pro-AWS because agents got better at reading it. Same Terraform, two providers The interesting comparison isn't AWS-elegance vs Cloudflare-elegance. It's how much of the infrastructure topology and operational contract an agent can reconstruct from the HCL plus the provider schema alone. Terraform × AWS Terraform × Cloudflare Provider maturity AWS provider is about as battle-tested as IaC gets; enormous public corpus of modules/examples v5 is a ground-up, OpenAPI-generated rewrite — improving
AI 资讯
P Watched an AI That Only Looked One Way. The 99.97% Was Real. It Just Missed Everything That Mattered.
"Show nothing, hold everything." — The Thirty-Six Stratagems, Create Something Out of Nothing Previously on this series: #4: P Walked Into an AI Monitoring POC. P Didn't Run a Single Test. — P found an ACL business card in an abandoned POC archive. P didn't tell anyone. P just pocketed it. White walls. Fluorescent hum. A FortDefender quarterly report sat open on the table, the cover printed in bold: Zero missed detections. 99.97% detection rate. The CTO slid it across. "The day the leak happened," he said quietly, "this system said everything was fine." "Which client?" " MedTech . Medical data breach. Their internal AI monitoring didn't catch it either. The quarterly report called it 'client-side issue.' I don't buy it." P didn't look at the report first. P looked at the CTO's eyes first. "You didn't bring me here to validate his numbers." The CTO didn't deny it. " FortDefender won't give you production access," he said. "Read-only logs. Sandbox. Public docs. You signed the NDA." "What do you want me to do?" "Find what's hiding inside 'everything was fine.'" P nodded. P didn't ask "what if I find it" — P knew the answer. "One condition: full internal penetration test access. No advance notice to anyone." The CTO was quiet for three seconds. "Done." P stood up. The CTO added one more thing as P turned: "I've heard about the FirmCore thing. That's why I called you." P didn't look back. Week One FortDefender 's public documentation was beautiful. Architecture diagrams. Whitelist rules. Alert thresholds. Response times. All in a technical whitepaper so polished you'd think it was written to raise funding. P spent three days reading every page. In the sandbox, P ran three rounds of tests. FortDefender 's detection system hit every single one. The 99.97% wasn't a lie — at least not inside the sandbox. But P noticed something. FortDefender 's whitelist rules were too complete. They covered everything — down to "penetration tests with valid internal certificates" being pre-
AI 资讯
Presentation: Designing AI Platforms for Reliability: Tools for Certainty, Agents for Discovery
Aaron Erickson explains how NVIDIA designs and tests purpose-built AI agent hierarchies. For senior developers and architects, he outlines why balancing deterministic tools with agentic discovery is crucial. Discover how to leverage rare context, implement LLM-as-a-judge test pyramids, and avoid the paradox of choice to build highly reliable, production-grade AI systems at scale. By Aaron Erickson
AI 资讯
Meet HTTP QUERY: The New HTTP Method You've Probably Been Waiting For
For years, developers have faced the same dilemma when implementing complex search APIs: GET is the correct semantic choice for read-only operations, but query parameters can become extremely long and difficult to manage. POST allows sending a request body, but it's intended for operations that may change server state, making it a poor semantic fit for searches. To bridge this gap, the IETF has introduced a new HTTP method: QUERY (RFC 10008). Why was QUERY introduced? Modern APIs often require complex filtering: nested JSON filters GraphQL-like requests advanced search criteria large lists of IDs geospatial or analytical queries Encoding all of this into a URL is cumbersome and can exceed practical URI length limits. Developers have traditionally worked around this by using "POST" for read-only searches. The problem is that "POST" doesn't express the intent of the request very well. The new QUERY method solves this by allowing clients to send a request body while keeping the operation explicitly safe and idempotent. Key benefits ✅ Request body support Unlike "GET", "QUERY" allows sending structured request data in the message body, making complex searches much easier to model. ✅ Safe by design Like "GET", a "QUERY" request must not modify server state. It clearly communicates that the request is read-only. ✅ Idempotent Repeating the same "QUERY" request produces the same result without additional side effects, allowing clients and intermediaries to safely retry requests after transient failures. ✅ Cache-friendly Unlike the common "POST"-for-search pattern, "QUERY" is designed to work with HTTP caching, enabling better performance and more efficient network usage. ✅ Better API semantics Instead of overloading "POST" for read operations, APIs can now express their intent more accurately: "GET" → simple resource retrieval "QUERY" → complex read operations with a request body "POST" → operations that create or modify state Example Instead of forcing everything into a lo
AI 资讯
Left of the Loop: The PO is Dead, Long Live the PO
When I wrote about shifting the engineering process left — spec sessions, autonomous agents, humans reviewing output rather than writing code — a question kept coming up. Where does the Product Owner fit in all of this? It’s the right question. And I think the answer is more interesting than “the PO disappears.” Let’s start with acceptance criteria. We invented them to bridge a gap. The team needed to know when something was done. The PO needed confidence that what got built matched the intent. Acceptance criteria were the contract between the two. But if the Spec Session is where intent gets defined — by the whole team, together, before the agent runs — that gap closes. What the team agreed on in the room is the definition of done. The spec is the acceptance criteria. You don’t need a separate validation step because the planning and the agreement happened at the same time. The tighter the loop, the less ceremony you need around it. There’s a caveat though. The spec is a necessary contract. It’s not a sufficient one. Simon Martinelli’s work on the AI Unified Process validates the spec-driven approach technically. But his model is about the artifact — requirements at the center, AI generating everything else from them. How the team actually builds shared understanding before the spec exists isn’t something it addresses. That’s not a criticism. It’s just a different question. A spec written after a real Spec Session — where the team worked through edge cases together, disagreed, got to resolution — is different from a spec written by one person and signed off asynchronously. Same artifact. Different quality of shared understanding. That distinction matters when the agent hits an edge case the spec didn’t anticipate. So what’s actually left for a dedicated PO? Two things. And they’re very different. The first is product thinking — challenging intent, representing user needs, asking why before the agent runs with something. That’s valuable. But it doesn’t require a ded
AI 资讯
The Hidden Technical Problems That Break DAOs in Production
Decentralized Autonomous Organizations are often presented as simple governance systems: token holders create proposals, vote, and execute decisions on-chain. In practice, building a production-grade DAO is far more difficult. A DAO is not only a smart contract. It is a distributed coordination system that combines governance logic, treasury security, token economics, identity, off-chain infrastructure, and human decision-making. A failure in any one of these layers can compromise the entire organization. Below are some of the most important technical problems DAO developers must solve. 1. Governance Attacks Through Borrowed Voting Power Many DAOs calculate voting power based on the number of governance tokens held at a specific moment. This creates a serious attack surface when tokens can be borrowed through lending protocols or flash loans. An attacker may temporarily acquire a large amount of voting power, submit or approve a malicious proposal, and return the borrowed assets shortly afterward. The standard defense is snapshot-based voting power. Instead of checking a user’s current balance, the governance contract reads historical balances from a previous block. function getVotes( address account, uint256 blockNumber ) public view returns (uint256) { return token.getPastVotes(account, blockNumber); } However, snapshots alone do not solve every problem. Developers should also consider proposal delays, minimum token-holding periods, quorum requirements, and vote-delegation risks. 2. Dangerous Proposal Execution The most sensitive part of a DAO is usually the executor. A successful proposal may call arbitrary contracts, transfer treasury assets, upgrade protocols, or change governance parameters. If proposal calldata is incorrectly validated, a governance action can execute unintended operations. A DAO should clearly separate: Proposal creation Voting Proposal queuing Timelock execution Emergency cancellation Using a timelock gives token holders and security teams
AI 资讯
Validate Before You Build: The MVP Lessons I Learned the Hard Way
This is part of my work with 01MVP on OpenNomos — a project that helps founders validate ideas before building. The $0 Launch I once spent three months building a product. It had everything: authentication, payments, a polished UI, dark mode. I was proud of it. Launch day: 27 visitors. Zero signups. I had spent 90 days building and precisely zero days asking anyone if they wanted what I was building. I was solving a problem that existed only in my head. The Hardest Lesson The product wasn't bad. The code was fine. The UI was clean. The problem was that I never validated the core assumption: does anyone actually have this problem, and would they pay to solve it? This is the most common failure mode in indie hacking. You build something you think is cool, polish it to perfection, and launch to silence. The code was never the bottleneck. The validation was. What I Do Differently Now Talk to 10 people before writing code. Not surveys. Not landing page analytics. Actual conversations. "Would you use this? Would you pay for it? Why or why not?" Build a mockup, not a product. A Figma prototype or even a Google Form that simulates the core workflow is enough to test willingness to engage. Charge from day one. Free users will tell you nice things. Paying users will tell you the truth. If nobody will pay, the idea isn't ready. Kill fast. Most ideas fail. The goal isn't to make every idea succeed — it's to fail the bad ones quickly so you can find the good ones. Why This Matters More in 2026 In 2016, building a product was hard. You needed to know how to code, set up servers, handle deployments. The barrier to building kept bad ideas from being built. In 2026, Cursor writes your code, v0 generates your UI, and Replit deploys it. The barrier to building has collapsed to near zero. But here's the problem: AI can help you build anything. It cannot help you figure out what's worth building. The result is a flood of well-built products that nobody wants. The bottleneck shifted from
AI 资讯
DeepSeek vs Qwen vs Kimi vs GLM: Which AI API Actually Wins in 2025?
DeepSeek vs Qwen vs Kimi vs GLM: Which AI API Actually Wins in 2025? I've spent the last decade designing systems that need to stay up no matter what. 99.9% uptime isn't a marketing slogan for me — it's the difference between a happy customer and a 3am incident call. So when the Chinese model ecosystem exploded with options like DeepSeek, Qwen, Kimi, and GLM, I didn't just glance at the benchmarks. I pulled the levers, watched the dashboards, and stress-tested every endpoint I could get my hands on. Here's what I found after weeks of running these models behind load balancers, instrumenting them with p99 latency tracking, and watching how they behave when you throw production traffic at them. The Multi-Region Reality Nobody Talks About Most comparison articles treat AI APIs like they're interchangeable endpoints you curl against. That's fine for a weekend hackathon. It's dangerous for production. When I'm architecting a service that depends on an LLM, I care about three things before I care about quality: p99 latency under sustained load Failover behavior when a region gets congested Cost per million tokens at the rate I'm actually consuming I ran each of these four providers through a series of synthetic workloads — bursts of 200 concurrent requests, sustained 50 RPS for an hour, and cold-start recovery tests. The numbers told a story that the marketing pages don't. The Data at a Glance Here's the TL;DR before I dive in. DeepSeek gives you the best price-to-performance ratio, full stop. Qwen has the widest catalog of model sizes I've ever seen from a single provider. Kimi costs a premium but earns it on reasoning-heavy workloads. GLM punches above its weight on Chinese-language tasks and offers multimodal support that the others don't. Dimension DeepSeek Qwen Kimi GLM Provider DeepSeek (幻方) Alibaba (阿里) Moonshot AI (月之暗面) Zhipu AI (智谱) Output price range $0.25–$2.50/M $0.01–$3.20/M $3.00–$3.50/M $0.01–$1.92/M Budget pick V4 Flash @ $0.25/M Qwen3-8B @ $0.01/M N/A GL
AI 资讯
Building ClaimMate AI
Hi everyone, I'm Marc, the founder of ClaimMate AI. I've been building an AI software engineering platform that helps developers generate code, explain existing code, debug issues, create tests, review code, and build applications from simple prompts or voice. I'm still in the early stages and would really appreciate honest feedback from other developers. Why I Built It I wanted one workspace where developers could chat with AI, generate code, debug problems, and iterate on ideas without constantly switching between multiple tools. I'd Love Your Feedback If you have a few minutes, I'd appreciate any thoughts on: Is the interface easy to understand? Which feature would you use most? What would stop you from using it regularly? What feature is missing? You can try it here: https://ClaimMateAI.pro I'm not looking for praise—I genuinely want constructive feedback that will help improve the product. Thanks for your time!
开发者
you stopped reading the docs. now you don't understand the systems.
I didn't go to a university for computer science. I have a B.Tech in Geophysics. What I know about...
AI 资讯
𝗔𝗜 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝗶𝗻𝗴 𝗖𝗵𝗮𝗽𝘁𝗲𝗿 𝟯: 𝗪𝗵𝘆 𝗘𝘃𝗮𝗹𝘂𝗮𝘁𝗶𝗻𝗴 𝗔𝗜 𝗜𝘀 𝗛𝗮𝗿𝗱𝗲𝗿 𝗧𝗵𝗮𝗻 𝗜𝘁 𝗟𝗼𝗼𝗸𝘀
One of the biggest takeaways from Chapter 3 of AI Engineering was realizing that building an AI model is only part of the challenge. Figuring out 𝗵𝗼𝘄 𝘁𝗼 𝗲𝘃𝗮𝗹𝘂𝗮𝘁𝗲 𝗶𝘁 𝗳𝗮𝗶𝗿𝗹𝘆 𝗮𝗻𝗱 𝗮𝗰𝗰𝘂𝗿𝗮𝘁𝗲𝗹𝘆 can be just as difficult. With traditional software, it's usually easy to tell whether something works. If a calculation is wrong or a test fails, you know there's a bug. But AI doesn't always work that way. A model can generate multiple reasonable answers to the same question, making it much harder to determine which one is actually better. That made me think: 𝗛𝗼𝘄 𝗱𝗼 𝘄𝗲 𝗸𝗻𝗼𝘄 𝗶𝗳 𝗮𝗻 𝗔𝗜 𝗺𝗼𝗱𝗲𝗹 𝗶𝘀 𝗮𝗰𝘁𝘂𝗮𝗹𝗹𝘆 𝗶𝗺𝗽𝗿𝗼𝘃𝗶𝗻𝗴? 𝗕𝗲𝗻𝗰𝗵𝗺𝗮𝗿𝗸𝘀 𝗡𝗲𝗲𝗱 𝘁𝗼 𝗞𝗲𝗲𝗽 𝗘𝘃𝗼𝗹𝘃𝗶𝗻𝗴 Reading this section made me realize how difficult it is for evaluation benchmarks to keep up with the pace of AI development. The chapter explains that GLUE (General Language Understanding Evaluation) was introduced in 2018 to measure how well language models performed on common natural language tasks. But within about a year, models had already become so good at it that researchers introduced SuperGLUE in 2019 as a more difficult benchmark. GLUE evaluates tasks such as: Question answering Sentiment analysis Sentence similarity Text classification The chapter also mentions newer benchmarks like: SuperGLUE MMLU (Massive Multitask Language Understanding) MMLU-Pro Each one was introduced because the previous benchmark was no longer challenging enough. What I found interesting is that a model getting a higher benchmark score doesn't always mean it understands language better. Sometimes it simply means the model has become very good at solving that particular benchmark. 𝗨𝗻𝗱𝗲𝗿𝘀𝘁𝗮𝗻𝗱𝗶𝗻𝗴 𝗘𝗻𝘁𝗿𝗼𝗽𝘆 𝗮𝗻𝗱 𝗣𝗲𝗿𝗽𝗹𝗲𝘅𝗶𝘁𝘆 Another section I really enjoyed was the explanation of entropy and perplexity. The chapter explains entropy as a measure of how much information a token carries and how difficult it is to predict the next token in a sequence. Perplexity measures uncertainty. If a model is very uncertain about what comes next, its perplexity will be higher. If
AI 资讯
Boundary 1.0 adds RDP session recording, previews AI-agent access controls
The 1.0 lands with session recording attached HashiCorp announced Boundary 1.0 on June 25. The operational headline is RDP session recording, and the version number is a distant second. Boundary is HashiCorp's privileged-access proxy, and until this release it did not record Remote Desktop sessions on its own. Teams that route Windows-side deploys through the proxy now have a first-party audit trail that ships with the product itself. The announcement bundles two other things on top of the RDP work. "Improved management" is HashiCorp's phrasing. Boundary 1.0 also previews work aimed at securing access for AI agents, which HashiCorp positions as a same-chokepoint answer for a new class of caller. What actually changes on the CD side For most teams the practical read is narrower than "1.0 shipped". Two things move. RDP sessions get recorded through the proxy. Windows targets have historically been the awkward part of a privileged-access story. SSH session recording and TLS-terminating proxies have been standard for years on Linux. RDP has been thinner. A CD pipeline that lands on a Windows host for a hotfix, an artifact promotion, or a release-time config change now has the same after-the-fact video that Linux jumpboxes have had for a long time. The AI-agent preview signals where Boundary wants to sit next. If CD tooling is starting to hand a shell to an agent, that agent needs a credential of some kind. HashiCorp is telling operators the plan is for Boundary to mediate that call the way it mediates a human on-caller today. This is a preview. Read it as a roadmap. Why the audit line matters for release engineering The audit case for session recording is easy to state and hard to argue with. When a bad change lands on a production Windows host at 2am, the post-incident question is always the same: what did the person on the console actually do, and can it be replayed? Without recording, on-call gets shell history if it is lucky and a change-management ticket if it is n
AI 资讯
US investors will soon get access to SK Hynix, another memory maker riding the AI boom
SK Hynix is experiencing a boom credited to AI. It will ride that to a multibillion-dollar U.S. IPO, expected to take place on Friday.
开发者
Google will now count all Android backup data toward your storage cap
Fortunately, it shouldn't take too much extra space.