[image: image.png]
Every so often I poke my head out, gopher-like, from the tunnels where I am
furiously vibe-coding, or as it's going to be known a couple years from
now, coding. I think it's probably true that coding used to be a high
octane sport for concentration freaks as deep in the zone as a sperm whale
hunting giant squid by listening to the faint echoes of pings off squishy
bodies leagues away. But coding is now a juggling competition where the
winners are over-caffeinated ADHD insectivorous bats tracking the results
of five different queries into as many LLM-based coding systems and context
switching, running tests, and re-querying at a rate that would drive most
people bananas.
In other words, to compete in this day and age you do have to know your
LeetCode, but you have to do it in parallel, using Codex, or Windsurf, or
Codex-CLI, or cutting and pasting bits of code into o1-pro, but all at
once, choosing which LLM-assistant-coder depending on what exact kind of
programming issue you're trying to solve. On one hand, these tools are very
much junior engineers, and make simple mistakes, and on the other hand,
collectively they are better than you will ever be and realizing that as
soon as possible is a big advantage.
I spent some time, while contemplating obscure and bespoke flavors of
obsolescence, to listen to Halvar's most recent talk. Everyone should. It
is here: https://www.youtube.com/watch?v=qllU_B_Rmis .
[image: image.png]
"Cyber-espionage does not easily translate into industrial capability,
particularly in fast moving industries. You don't become a carpenter by
stealing his invoices" - Halvar
And of course not? But that's not what hackers do. As we learned from
listening to Grugq's keynote
<https://conference.hitb.org/hitbsecconf2023hkt/speaker/the-grugq/> the
most likely scenario is that hackers attack the carpentry problem as a
system - use the invoices and outgoing quotes to drive all the business to
yourself, along with stealing all their best people by offering them
exactly 2X their salary. Going active sometimes means DoSing the supplier
of some company so it misses a key deadline with its customer-base, which
then moves to your more reliable, cheaper, product, built by their former
head of engineering.
And I firmly believe that few scientific and engineering problems are so
hard that they can't be replicated given access to the right cyber team and
all the resources a nuclear power can throw at them if they are a national
priority. Half of the cyber policy world still thinks that cyber norms are
a thing! We have labored for too long under the belief that we were going
to be able to set the rules to the game in a new domain. But the rules are
what they are. The terrain has no master.
-dave
