Ruggero Tonelli - @ruggero.bsky.social

9.3K posts

Ruggero Tonelli - @ruggero.bsky.social banner
Ruggero Tonelli - @ruggero.bsky.social

Ruggero Tonelli - @ruggero.bsky.social

@ruggerotonelli

Performance, Security & Automation at scale - OpenSource - Linux | 改善 | Head of Platforms|SRE @netquest - @[email protected]

Sabadell, Barcelona, Catalunya Katılım Nisan 2010
650 Takip Edilen1.6K Takipçiler
Ruggero Tonelli - @ruggero.bsky.social
The web is becoming a minefield for autonomous AI. 🕸️🤖 Google DeepMind paper introduces the first systematic framework for AI Agent Traps/adversarial content designed to manipulate, deceive, and exploit visiting agents... 1/2
Ruggero Tonelli - @ruggero.bsky.social tweet media
English
1
0
1
65
Ruggero Tonelli - @ruggero.bsky.social
Can we solve this merely by feeding LLMs more knowledge, or must they evolve from basic "coders" to proficient "architects" with advanced contextual reasoning? And you, what’s your experience with Claude or Gemini writing Terraform or Pulumi code?
English
1
0
0
59
Ruggero Tonelli - @ruggero.bsky.social
We’re closing an incredible year for coding #GenAI but 'Correctness-Congruence Gap' in #LLM-generated Infrastructure as Code (#IaC) is still an issue: LLMs often produce syntactically correct code that not aligned with the intended architectural design and #security requirements
Ruggero Tonelli - @ruggero.bsky.social tweet media
English
1
0
0
74
Ruggero Tonelli - @ruggero.bsky.social
A simple, yet brilliant idea. aikidosec/safe-chain "wraps around the npm cli, npx, yarn, pnpm, pnpx, bun, bunx, and pip to provide extra checks before installing new packages[...] preventing downloading or running the malware." Thank you @AikidoSecurity @ buff.ly/mhJD9ls
GIF
English
1
0
2
146
Ruggero Tonelli - @ruggero.bsky.social
"Reliability is an architecture problem, not a cloud problem." Well said João! 👏🏻
João Alves@joaoqalves

Everyone talks about multi-cloud and reliability. Here’s what it looked like in practice when I joined Adevinta five years ago. The company had just agreed to acquire the eBay Classifieds Group, its secondhand marketplaces division (Marktplaats, mobile.de, and others). On the table: private cloud, GCP, and AWS. Multi-cloud made it to the final spreadsheet, but only so everyone could see how crazy expensive it would be. In the past, AWS and other hyperscalers had single points of failure. As @GergelyOrosz mentions in the latest Pragmatic Engineer newsletter, there are still some components that are “global” and run on a single region (us-east-1). That’s not the norm, and the vast majority of services can be run in multiple areas. It’s up to the business to understand (a) what its critical paths are and (b) what its risk appetite is versus the cost of running multi-region or even multi-cloud/hybrid setups for specific scenarios. For some businesses, 24/7 uptime is more critical than for others. Take Glovo or Uber, for example: there’s a high per-minute cost during peak hours. Why? The cost of switching is low. Users also have Lyft, FREE NOW, Just Eat, and Uber Eats on their phones, so they can easily open another app to get from A to B or order a meal. If one of Adevinta’s portals (secondhand, real estate, or motors) is down at 2 a.m. on a Friday, that’s mostly OK. Yes, there are peak times, but there’s also a counterbalance thanks to (a) network effects — a lot of the inventory on @leboncoin isn’t listed anywhere else; everyone in France uses it — and (b) low time sensitivity. If you’re looking for a flat or a car, it can wait a bit. Multi-cloud (and sometimes even multi-region) sounds smart until you price it, model the risks, and realize: it’s usually not worth it. Reliability is an architecture problem, not a cloud problem.

English
0
0
4
481
Ruggero Tonelli - @ruggero.bsky.social
12:51 AM PDT We can confirm increased error rates and latencies for multiple AWS Services in the US-EAST-1 Region. [...]. We are actively engaged and working to both mitigate the issue and understand root cause. We will provide an update in 45 minutes[..]
English
0
0
0
294
Ruggero Tonelli - @ruggero.bsky.social
@karpathy Code is meant to be "the capstone project of the course LLM101n [..]" so it's readable, "preparatory" to understand LLMs. With adequate resources it allows even to build and train your own with your own training data and weight. Let's call it #democratisation. Thank you Andrej
English
0
0
0
27