Field notes from the work.
Writing on infrastructure, AI, Apple deployments, networking, and the operational layer underneath it all. Short, opinionated, from the people doing the work.
- Web3
The smart contract audit you can't skip
Smart contracts are public, immutable, and irreversible. The audit isn't a nice-to-have. It's the only check between your code and a permanent exploit.
May 11, 20263 min read - Security
The strongest password policy is the one that lets you stop typing passwords
Thirty years of "longer, more complex, rotated more often" produced sticky notes and password reuse. The actual move in 2026 is to stop typing passwords altogether.
April 26, 20263 min read - Networking
Wi-Fi failures are almost never the Wi-Fi
"The Wi-Fi is slow" is a symptom, not a diagnosis. Nine times out of ten, the actual problem is upstream — and replacing the access points solves nothing.
April 11, 20263 min read - Apple
MDM is the difference between owning your Macs and being owned by them
By the time you're at ten Macs in a small business, the "do it twice" approach has become a part-time job for whichever team member is least bad at IT. There's a name for the alternative.
March 27, 20263 min read - Strategy
The unwritten roadmap costs more than the written one
Founders carry the roadmap in their heads. The team executes against guesses. Three months in, everyone is doing slightly different work toward slightly different goals.
March 12, 20263 min read - Infrastructure
DNS is plumbing. Treat it that way.
When email stops, when the site goes down, when SSO mysteriously fails — there's a better-than-even chance the root cause is a DNS record nobody is paying attention to.
February 25, 20263 min read - AI
Why your first AI agent should be embarrassingly small
The agents that work in production tend to start tiny — one task, one human in the chair next to them, a tight feedback loop. The flashy demo can come after.
February 10, 20263 min read - Product
Customer interviews you'll actually act on
Most customer interviews are unfalsifiable. Three questions turn an unfalsifiable conversation into something the team can actually do.
January 26, 20263 min read - Operations
Vendor onboarding is your real security perimeter
Your firewall stops external attackers. The vendors you grant access to do not have to attack you to cause damage — they just have to be themselves.
January 11, 20263 min read - Web3
Wallet UX is the whole game
Web3 products that win are the ones that make the wallet invisible. Everyone else is shipping a credential prompt as a product.
December 27, 20253 min read - Security
Incident response when you don't have an IR team
Most small businesses won't have a dedicated incident response team. The playbook still works — it's just shorter.
December 12, 20253 min read - Networking
The cable plan you wish you had three years ago
When you can't run new cable cheaply, the network ages around it. The fifteen minutes of planning before the build saves five years of retrofit.
November 27, 20253 min read - Apple
Mac fleet onboarding without the helpdesk
The new hire opens the laptop. Signs in with their email. Walks away for fifteen minutes. The Mac configures itself. No IT call.
November 12, 20253 min read - Strategy
The technology debt you can't see yet
The technology debt you can see is the easy kind. The dangerous kind is hidden in vendor relationships, license assumptions, and the dependency you stopped reading the changelog for.
October 28, 20253 min read - Infrastructure
Monitoring you'll actually look at
Most monitoring projects fail the same way: every metric, no priorities, no signal. The fix is fewer alerts, ruthlessly tuned.
October 13, 20253 min read - AI
Model selection isn't a model decision
Picking the right LLM is more about your evaluation pipeline than about any single model's benchmarks. The model you can swap is more valuable than the model you can't.
September 28, 20253 min read - Product
Why your roadmap should have a "no" column
Every yes is a no to something else. The most useful column on a roadmap is the one labeled "things we've explicitly decided not to build right now."
September 13, 20253 min read - Operations
Why "automating it" usually means "documenting it"
The first useful step in automation isn't writing code. It's writing down what the manual process actually is — and discovering nobody agrees.
August 29, 20253 min read - Web3
Tokenomics for non-token-people
Tokenomics is just an economic model wearing a costume. The same questions you'd ask of any new currency apply — and most projects fail to answer them.
August 14, 20253 min read - Security
Why password rotation is a security anti-pattern
Forcing people to change their password every 90 days makes them write it down. NIST quietly dropped the recommendation eight years ago.
July 30, 20253 min read - Networking
UniFi for the price-conscious office
Enterprise-grade networking equipment that doesn't bill you per port per year. The honest pros and cons for a small office.
July 15, 20253 min read - Apple
Apple Business Manager: the under-30-minute starter guide
ABM is free and takes half an hour to set up. The companies running Macs without it are inventing problems Apple already solved.
June 30, 20253 min read - Strategy
Build vs. buy: a small framework
The build-vs-buy debate is usually a vibes argument. A simple framework — three questions — keeps it from going in circles.
June 15, 20253 min read - Infrastructure
Backups that actually restore
The script broke 11 months ago. The daily success email kept arriving. The backup file is 4 bytes. We've seen this exact thing more than once.
May 31, 20253 min read - AI
Building a private LLM that knows your business
Off-the-shelf chatbots hallucinate when asked about your business. The fix isn't a better model — it's retrieval, the plumbing around the model.
May 16, 20254 min read - Product
The smallest possible product launch
The big launch day is mostly mythology. The launches that succeed start small — internal users, then friendlies, then quietly to everyone else.
May 1, 20253 min read - Operations
The operations dashboard your team actually opens
Most dashboards are unloved — built by someone who's left, populated with metrics from a previous pivot. The ones that get used share three properties.
April 16, 20253 min read - Web3
What we actually mean by Web3 in 2025
The 2025 Web3 conversation isn't "should we build on it?" — it's much smaller, more boring, more answerable: should we accept stablecoin payments from international customers?
April 1, 20253 min read - Security
The 7-control security baseline for a 50-person team
Security at a 50-person company doesn't need to be exotic. It needs to be present. Here's the short list, in order of leverage.
March 17, 20253 min read - Networking
Why one router from your ISP isn't a network
The combo box your ISP gave you is one device pretending to be four. None of the four is good at its job, and the office figures it out by month three.
March 2, 20253 min read - Apple
Why your team should be on Apple Silicon
Four years in, the M-series chips changed what a laptop is for. The team that used to need three machines per person now needs one.
February 15, 20253 min read - Strategy
Reading the room: tech decisions in slow-growth years
In a slow-growth year, the wrong things get cut: the operational layer that keeps the business alive, while the optimistic projects that aren't earning their keep stay funded.
January 31, 20253 min read - Infrastructure
The case for boring technology
Boring tech has a quiet superpower: when something breaks at 2 AM, somebody else has already hit your problem and written down the fix.
January 16, 20253 min read - AI
AI in 2025: a year of audit, not adoption
For most mid-sized businesses, 2025 isn't going to be the year of AI adoption — it's going to be the year of AI audit. The tools have already arrived. Nobody's counted them yet.
January 1, 20253 min read