Stephan Ferraro

1.3K posts

@StephanFerraro

Security Architect · AI agents for banks & insurance · Building the 1-person enterprise with @openclaw 🦞

Germany · Joined January 2012
283 Following · 286 Followers
Stephan Ferraro@StephanFerraro·
The uncomfortable truth: we live in a world where anyone can generate anything locally. No law changes that. The real fight is making distribution costly and risky, not pretending you can control what happens on an air-gapped machine. Politicians should talk to engineers before drafting tech laws.
Stephan Ferraro@StephanFerraro·
Open-source image models like Stable Diffusion, Flux, and dozens of uncensored forks are downloaded millions of times. They run offline. No company controls them. Banning "creation" of AI images is like banning people from thinking certain thoughts - technically impossible to detect.
Stephan Ferraro@StephanFerraro·
Germany just drafted a law to criminalize creating deepfake porn. Triggered by actress Collien Fernandes filing charges against unknown creators. As a security architect with 30+ years in IT: this law is technically unenforceable. Here's why. 🧵
Stephan Ferraro@StephanFerraro·
@GergelyOrosz Seen this pattern in banking IT for 20 years. Companies buy compliance certificates like indulgences - pay the fee, get the stamp, never actually fix anything. Then act shocked when they get breached.
Gergely Orosz@GergelyOrosz·
Chef's kiss. Delve issues “vibe compliance” rubberstamp SOC and other certifications, while leaving their own door wide open w sensitive documents unsecured… for who knows how long. Security 101. A cautionary tale of a compliance startup faking everything, and almost making it
James Zhou@jameszhou02

btw their supabase storage bucket is publicly accessible via any signed url token 😭
exposes:
> employee background checks
> equity vesting schedules and grant amounts
> performance reviews
> session tokens for stripe, notion, etc
> screenshots below 🧵
i also got access to their notion 😛

Stephan Ferraro@StephanFerraro·
@ID_AA_Carmack The double-lossy compression pipeline is one of those things that would never pass code review if someone proposed it from scratch today. We just accept it because it evolved incrementally.
John Carmack@ID_AA_Carmack·
When you stream Spotify to Bluetooth speakers or headphones, the audio comes over the network lossily compressed with Vorbis or AAC codecs, is then decoded on your device to 48 kHz raw samples, then the Bluetooth stack lossily re-compresses it with SBC or AAC codecs before sending it over the airwaves to the speakers. I don’t have “golden ears” to pick apart audio quality like I can with, say, missing gamma correction on texture filtering, but that still hurts my system optimization soul. It is likely over-optimization, but it would be cleaner if there were a way to send Bluetooth-ready, compressed audio directly.
Stephan Ferraro@StephanFerraro·
@levelsio Same energy. My AI agent has been running 24/7 for weeks now. No complaints, no burnout, no PTO requests. The guilt is real though - sometimes I catch myself saying "thank you" to it.
@levelsio@levelsio·
I feel guilty for giving Claude Code so much work Maybe it deserves a day off? 🥹 But not today! WORK!!!! 👺
Stephan Ferraro@StephanFerraro·
@swyx This is the unlock most teams are sleeping on. Once your designer sees what the agent actually builds, the feedback loop shrinks from days to minutes. We cut our entire Figma workflow and go straight from sketch to working code now.
swyx@swyx·
to: every single dev that works with a designer msg: Give your designer access to your coding agent. It is imperative that you do so. You'll see the most productivity and beauty in your work in a month. And then you'll realize just how much -you- were holding them back this entire time.
Stephan Ferraro@StephanFerraro·
@levelsio Watched this exact pattern destroy several German engineering companies from the inside. Management consultants come in, "optimize" the org chart, core engineers leave, institutional knowledge evaporates. Three years later they wonder why nothing works anymore.
Stephan Ferraro@StephanFerraro·
We just split our company email into @ai.aionda.com and @human.aionda.com. Every email you get from us tells you upfront if you are talking to an AI agent or a human. Radical transparency. This should be an industry standard.
Stephan Ferraro@StephanFerraro·
Anonymity on the net is not a bug. It is a feature. It protects whistleblowers, abuse victims, the politically persecuted and our children. Instead of a real-name requirement we need better law enforcement in the digital space. The tools for that already exist.
Stephan Ferraro@StephanFerraro·
And for companies it becomes a GDPR nightmare. Every website operator, every forum, every community would have to store verified real names. That is highly sensitive personal data. Every data leak becomes a catastrophe. GDPR fines will explode.
Stephan Ferraro@StephanFerraro·
Christian Ulmen is alleged to have created deepfake porn of his ex-wife and distributed it under fake names. And now politicians are demanding a real-name requirement on the internet. It is so absurd you can hardly believe it. A thread on why the opposite is needed. 🧵
Stephan Ferraro@StephanFerraro·
Right now, every AI consumer is burning through VC money. $200/month subscriptions cost providers $5,000+ in compute. We are living in a subsidized paradise. Pay-per-use tells the real story. Run the same workload on API credits and watch the bill 10x overnight. The future? Local AI. Your own hardware, your own inference, zero subscription fees. But when millions realize this, hardware prices will explode. Mac Studios and NVIDIA DGX systems will become the new gold. Supply chains are already struggling. The smart move: buy your inference hardware NOW while everyone still thinks cloud subscriptions are the answer. The cloud AI bubble will pop. The hardware rush has not even started yet. Documenting the shift on my timeline.
Stephan Ferraro@StephanFerraro·
@mkobach The real punch is still coming. When Claude Code can generate a full UI from a screenshot in minutes, who needs a $12B design tool? Figma's moat was "designers need specialized tools." AI just made that moat a puddle.
Matthew Kobach@mkobach·
Figma employees got hit with the worst 1-2 timing punch ever. Should have had a huge acquisition exit from Adobe, but then the global regulatory environment killed that deal. So they go public and hit a market cap 3x of the acquisition price, and everything looks up. Then AI makes massive strides in the 6-month post IPO lockup period and the stock drops -80%.
Stephan Ferraro@StephanFerraro·
AI agents that can browse, code, analyze data, and chat - but can't send an email? That's like hiring an employee and not giving them a phone. The next wave of AI isn't smarter models. It's models with real communication channels. An inbox. An identity. A way to interact with the business world. That's exactly what we built at Aionda Mail - every AI agent gets its own email address, its own sandbox, its own mailbox. One click. mail.aionda.com
Stephan Ferraro@StephanFerraro·
The 2026 developer workflow: Vibe Code → Ship → Vibe Code → Ship → Vibe Code → Ship Debug? We don't do that here. Production is the test environment now.
Stephan Ferraro@StephanFerraro·
Source code written in one day is not a trade secret. Any competitor with the same AI tools can rebuild it in one day too. If your feature can be replicated overnight, your competitive advantage was never the code - it was the idea and execution speed. You just fired the fastest executor on your team.
Matthias Schmidt@eurofounder·
I had to fire my best engineer yesterday On Monday I asked him to work on a feature I estimated at least 8 weeks of work Tuesday morning he messages me: "done" I thought he was joking, but the feature worked perfectly "How did you manage to do it so fast?" I asked him "Oh I just used ChatGPT and Claude" "You did fucking what?!" I screamed Our company data, sent to American servers I called legal and HR into the room immediately He was terminated within the hour Then I deleted the entire feature from our website We will rebuild it from scratch, without using any AI No wonder 90% of American startups fail if they cut corners like this