Blog
Welcome to the Blog.
Trace-First Debugging with Terminal Notes
2026-02-22
Many debugging sessions fail before the first command runs. The failure is methodological: teams chase hypotheses faster than they collect traceable facts. A trace-first approach reverses this. You start with a structured event timeline, annotate every command with intent, and only then escalate into deeper tooling.
This sounds slower and is usually faster. ... continue
Timer Capture Without an RTOS
2026-02-22
One of the most useful embedded skills is measuring external timing accurately without hiding behind a heavy runtime stack. You do not need an RTOS to capture pulse widths, frequency drift, or event latency with high reliability. You need a clear timing model, disciplined interrupt design, and careful data handoff.
Timer input-capture peripherals are built for this job. They latch counter values on configured edges and let firmware process deltas later. The hardware does the precise timestamping; software handles interpretation. ... continue
Threat Modeling in the Small
2026-02-22
When people hear “threat modeling,” they often imagine a conference room, a wall of sticky notes, and an enterprise architecture diagram no single human fully understands. That can be useful, but it can also become theater. Most practical security wins come from smaller, tighter loops: one feature, one API path, one cron job, one queue consumer, one admin screen.
I call this “threat modeling in the small.” The goal is not to produce a perfect model. The goal is to make one change safer this week without slowing delivery into paralysis. ... continue
The Cost of Unclear Interfaces
2026-02-22
Most teams think interface problems are technical. Sometimes they are. More often, they are social problems expressed through technical artifacts.
An interface is any boundary where one thing asks another thing to behave predictably. In code, that can be a function signature, an API schema, a queue contract, or a config file format. In teams, it can be a handoff checklist, an on-call escalation rule, or a release approval process. In both cases, the cost of ambiguity is delayed, compounding, and usually paid by someone who was not in the room when the ambiguity was created. ... continue
Terminal Kits for Incident Triage
2026-02-22
During an incident, tool quality is less about features and more about reliability under pressure. A terminal kit that is small, predictable, and scriptable often beats a heavyweight platform with perfect screenshots but slow interaction. Triage is fundamentally a time-budgeted decision process: gather evidence, reduce uncertainty, choose containment, repeat. Your toolkit should optimize that loop.
Most failed triage sessions share a pattern: analysts spend early minutes assembling ad-hoc commands, searching historical snippets, and normalizing inconsistent logs. By the time they get coherent output, the window for clean containment may be gone. A prepared terminal kit solves this by standardizing primitives before incidents happen. ... continue