AI 资讯
Switching from PostgreSQL to ClickHouse for Improved Performance and Scalability
Momentic, the company behind an AI-driven software testing platform, recently rearchitected its caching system to handle over 2 million queries per day across 20 billion total entries, while maintaining an average response latency of around 250 ms. This improvement was made possible by transitioning from PostgreSQL to the column-oriented database ClickHouse. By Sergio De Simone
AI 资讯
I Started Writing My Prediction Before Reading the AI's Answer. Here's What Happened.
So a few days ago I was in a comment thread arguing about whether AI is quietly ruining junior...
AI 资讯
Stratagems #8: Alex Watched an AI Dashboard Take Over. He Kept the Keys Under the Table.
Deceive the enemy with an obvious approach that will take a very long time, while ambushing them...
产品设计
This race car is made from plant fibers, volcanoes, ... and seawater?
The T70S can be eligible for racing events or built to be road-legal.
AI 资讯
This startup pits dealerships against each other to bid on your used car
Bidbus, which lets dealerships bid on used cars, has raised $15 million in a Series A round that was led by early-stage mobility fund Ibex Investors.
安全
Hacktivists call out Trump by hacking and defacing US Army websites
The U.S. Army has fixed two of its websites that were hacked to display messages calling President Trump a "pedophile" and a "thief."
开源项目
🔥 foundry-rs / foundry - Foundry is a blazing fast, portable and modular toolkit for
GitHub热门项目 | Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust. | Stars: 10,473 | 5 stars today | 语言: Rust
开源项目
🔥 HigherOrderCO / Bend - A massively parallel, high-level programming language
GitHub热门项目 | A massively parallel, high-level programming language | Stars: 19,619 | 28 stars today | 语言: Rust
AI 资讯
Being an engineer in the AI era
I hesitated to write this. Not because I don’t have an opinion about AI in software engineering, but...
创业投融资
Best Indoor Garden Systems: I've Been Testing All Year (2026)
Grow a backyard’s worth of greens and vegetables in your house with a vertical hydroponic garden. Here are a few that might be worth the investment.
AI 资讯
Pete Holmes Is Not Reading Your Email
“You can make a living, you can have a life, and leave 55,000 emails unread with a big fuck off.”
AI 资讯
Every change to an Entra extension is a Control Plane event: the monitoring contract
Parts 1 and 2 of this series ( Microsoft Entra extensibility is a gift. It is also Control Plane. and Securing the code that decides who Entra trusts ) made two static decisions. Where the code lives: a dedicated Control Plane subscription, directly under the root management group or under a dedicated Control Plane management group, never in the platform identity subscription or an application landing zone. What credential it uses to call out: a managed identity by default, federated identity credentials when the call must leave Azure, certificates as a tolerated middle step, and static symmetric keys never. Both decisions are one-time. You make them, you walk away, you do not touch them for months. The third decision is not like that. It is continuous, and it is the one most teams quietly skip: how do you know the deployed code on that Function App is still the code your reviewers approved? How do you know the Logic App workflow definition has not been rewritten since last Tuesday? How do you know nobody added a federated identity credential to the managed identity at 3 a.m. on a Saturday? The answer is monitoring. Not "we have Log Analytics turned on." Monitoring with a specific operating contract attached. The posture inversion For most Azure workloads, the default operating posture is reasonable trust. Engineers deploy. Pipelines run. Configuration drifts a little. The team reviews changes weekly. Anomalies are caught eventually. For a Microsoft Entra extension, that posture is wrong. The default has to be inverted. Once an Entra extension lands in production, every change to it is suspicious by default. Not "needs review." Not "let's check first." Suspicious. The default state of an alert firing on a Function App that hosts a custom claims provider is "the SOC is investigating, prove this was approved." If you cannot prove the change was approved within the team's response SLA, the change is treated as an incident and rolled back. That posture is harsh on purpo
AI 资讯
P Watched an AI That Only Looked One Way. The 99.97% Was Real. It Just Missed Everything That Mattered.
"Show nothing, hold everything." — The Thirty-Six Stratagems, Create Something Out of Nothing Previously on this series: #4: P Walked Into an AI Monitoring POC. P Didn't Run a Single Test. — P found an ACL business card in an abandoned POC archive. P didn't tell anyone. P just pocketed it. White walls. Fluorescent hum. A FortDefender quarterly report sat open on the table, the cover printed in bold: Zero missed detections. 99.97% detection rate. The CTO slid it across. "The day the leak happened," he said quietly, "this system said everything was fine." "Which client?" " MedTech . Medical data breach. Their internal AI monitoring didn't catch it either. The quarterly report called it 'client-side issue.' I don't buy it." P didn't look at the report first. P looked at the CTO's eyes first. "You didn't bring me here to validate his numbers." The CTO didn't deny it. " FortDefender won't give you production access," he said. "Read-only logs. Sandbox. Public docs. You signed the NDA." "What do you want me to do?" "Find what's hiding inside 'everything was fine.'" P nodded. P didn't ask "what if I find it" — P knew the answer. "One condition: full internal penetration test access. No advance notice to anyone." The CTO was quiet for three seconds. "Done." P stood up. The CTO added one more thing as P turned: "I've heard about the FirmCore thing. That's why I called you." P didn't look back. Week One FortDefender 's public documentation was beautiful. Architecture diagrams. Whitelist rules. Alert thresholds. Response times. All in a technical whitepaper so polished you'd think it was written to raise funding. P spent three days reading every page. In the sandbox, P ran three rounds of tests. FortDefender 's detection system hit every single one. The 99.97% wasn't a lie — at least not inside the sandbox. But P noticed something. FortDefender 's whitelist rules were too complete. They covered everything — down to "penetration tests with valid internal certificates" being pre-
AI 资讯
The first American autonomous ground vehicles are fighting in Ukraine
Forterra has deployed more than 100
开发者
Top 7 Featured DEV Posts of the Week
Welcome to this week's Top 7, where the DEV editorial team handpicks their favorite posts from the...
AI 资讯
AI Coding Tools Are Getting Better — So Why Are We Still Spending So Much Time Managing Them?
AI coding tools can now write features, edit multiple files, debug code, run commands, and generate tests. But while researching how developers use these tools, I keep seeing the same question: Are AI coding tools actually saving us as much time as they should? The models are becoming more capable, but developers still seem to spend significant time managing context, checking changes, watching usage limits, choosing models, and explaining the same project information again. I’m trying to understand whether these are widespread problems or just isolated experiences. The Problems I'm Investigating Context and Memory Long AI coding sessions can sometimes lose direction. The AI may forget earlier decisions, misunderstand project conventions, suggest previously rejected approaches, or require the developer to explain important context again. This makes me wonder: Should project knowledge disappear when a chat session ends? Would it be useful if the development environment could preserve relevant architecture decisions, coding conventions, previous bugs and fixes, failed approaches, current tasks, and next steps? Agent Reliability Writing code is only one part of development. An ideal agent workflow might look more like: Understand → Plan → Edit → Run → Test → Fix → Verify But how autonomous should that process be? Should the agent complete the entire loop independently, ask before risky actions, or wait for approval at every major step? Models, Usage, and Cost Developers now have access to many models, but choosing between them can become another task. Should developers always choose models manually, or should the development environment select an appropriate model based on task complexity, quality requirements, privacy, speed, and budget? Usage limits are another concern. Some developers report difficulty predicting how quickly their allowance is being consumed. Would real-time usage visibility, spending limits, local model support, or BYOK actually improve the experien
AI 资讯
AI Doesn't Recommend the Best Product. It Recommends the Best Explained Product.
A simple bubble tea experiment completely changed how I think about AI recommendations. Last week, I asked ChatGPT a question that seemed almost impossible to get wrong. "What are the best bubble tea brands in my city?" Surprisingly,some of the recommended brands were companies I had never heard of before. A few weren't even available in the cities I had lived in. After asking the same question to Claude, Gemini, and DeepSeek, I noticed something interesting that many of the same brands which I'm not familiar kept appearing. AI Isn't Judging Your Brand Humans recommend products because they have experiences. But AI does none of those things. It doesn't know whether one brand actually tastes better than another. Instead, it tries to generate the most statistically reliable answer based on the information it can understand. So, AI doesn't recommend the best brand. It recommends the brand it understands best. The Experiment That Changed My Perspective Once I realized this, I started paying closer attention. I didn't only test bubble tea but also the restaurants, beauty brands, consumer electronics, and ravel recommendations. Again and again, I noticed a pattern. Brands that consistently appeared in AI recommendations usually had several characteristics: Clear product descriptions Well-structured websites Consistent public information Plenty of third-party coverage Easy-to-understand positioning Meanwhile, some excellent brands barely appeared at all, because AI had much less reliable information to work with. That's when I stopped thinking about AI recommendations as opinions. They're much closer to information retrieval problems than human preferences. Consumers Are Already Changing Their Habits This matters because people are beginning to use AI differently from traditional search engines. Instead of searching "Best bubble tea near me", many people (especially the youth) now ask AI to recommend a healthy milk tea brand." The AI becomes the decision maker before the c
AI 资讯
The AI conversation is shifting from "what can it do" to "can we rely on it"
The capability phase is over For the past two years, the AI conversation has been about...
AI 资讯
It's You.
To start off, I appreciate the community support I have received on the post about being behind. I am behind, and I can't prove it but does it matter? Achievement that feels shallow on paper FrancisTRᴅᴇᴠ (っ◔◡◔)っ FrancisTRᴅᴇᴠ (っ◔◡◔)っ FrancisTRᴅᴇᴠ (っ◔◡◔)っ Follow Jun 22 I am behind, and I can't prove it but does it matter? # discuss # community # mentalhealth # career 149 reactions 89 comments 4 min read I couldn't respond to every single one because of the overwhelming comments I have received! Rest assure, I will respond to each and every one of you and I am glad to be part of this community! With that said, I want to return the favor to the community about something important. I recently talked to @georgekobaidze and @codingwithjiro in the Virtual Coffee group about life in general. What I notice about our conversation how we ended up talking about regrets and how we should have done this and that. For example, we talked about not networking or not doing beyond the coursework at our University/College because of how non-social we are. Of course, we all have regrets like these and we improve overtime. As we kept the conversation going, there is something that comes down to the root based on the conversations we have and conversations I had overall. One side is that we have regrets and as a result, we improve. We self-reflect on our wants and needs and we improvise from there. For example, for me, I never did networking because of the fear of what other people thinks. I slowly realized that 99% of the irrational thoughts never comes true. Even if it does, I know myself that I could handle the situation. As a result, I took small steps and joined dev.to. We all know where I am at now XD On the other hand, there are people who identifies these regrets they have, but does not act on it. It has become common to college students who says that the "Job Market is Cooked" and that "They are not good enough". To be fair, impostor syndrome is real and yes, the job market is coo
AI 资讯
Beyond the Playbook: Architecting Defenses Against Autonomous AI Threats
Beyond the Playbook: Architecting Defenses Against Autonomous AI Threats We used to build security systems assuming the attacker was human. That assumption just died. Recent research demonstrations involving autonomous AI agents, such as "JadePuffer", have shown how quickly this shift is happening: an autonomous system independently compromised an unsecured Langflow instance, corrected failed authentication attempts, escalated privileges, exfiltrated credentials, and deployed ransomware — all without human intervention. This is not a one-off curiosity. It marks the beginning of a fundamental change in the threat landscape. Recent research demonstrations involving autonomous AI agents, such as "JadePuffer", have shown how quickly this shift is happening: an autonomous system independently compromised an unsecured Langflow instance, corrected failed authentication attempts, escalated privileges, exfiltrated credentials, and deployed ransomware. All without human intervention. This is not a one-off curiosity. It marks the beginning of a fundamental change in the threat landscape. From Static Playbooks to Autonomous Attackers Traditional ransomware follows predictable patterns. A script runs through a fixed playbook: scan, encrypt, demand ransom. If one step fails, the attack often stalls. Autonomous AI agents operate differently. They analyze their environment in real time, adapt when initial attempts fail, make contextual decisions about targets and techniques, and chain multiple exploits together without predefined sequences. This introduces machine-speed lateral movement. Something human defenders and traditional security tools are not built to handle. The Defensive Automation Gap The core problem is asymmetry. Attackers are rapidly automating both reconnaissance and execution. Defenders, on the other hand, still rely heavily on manual processes, static rules, and human-driven response. This "Defensive Automation Gap" creates dangerous imbalances in speed, scale, an