You face a cryptic error. It doesn’t make sense. You changed one URL to point at a different repository in the installation script and now the installer failed saying the repository isn’t trusted.
Check the source code. Find the section you changed. No, the key was set right before this line and your repository mirror would use the same key.
Go onto the target system itself; sure enough, the key isn’t present. Check: if you manually add it, do things work?
They do. OK, now we need to figure out why the code block isn’t being executed. This is a bash script and it looks like the URL substitution code added the wrong whitespace at the front.
Then you remember: yes, whitespace can be wrong. You think you have spaces when it could be a tab. Miss some little dots and it might be unprintable ASCII characters. They look fine in the text editor but wreak havoc on the parser.
Go back to the regex and determine what is matching and not substituting correctly…
If this sounds familiar you may be sucked into technical troubleshooting. Every new problem encountered pushes things down the stack another layer as you focus on the new problem.
“I need to complete this quick task…the main server isn’t accessible.”
“No biggie, I’ll use the CLI tool…oh, it has a broken dependency.”
“Ok, I’ll update things…oops, networking is broken entirely.”
“No problem, I have an alternate, hang on, need to get to my password manager.”
If you go more than three layers deep without making progress, it is time to go back to the original problem. Otherwise you fall into the depth-first search trap and might end up spending all of your time on some obscure technical problem that doesn’t matter.
With red teaming, this is quite common as young pentesters have lots of technical chops and think every problem has a technical solution…they may, but at what cost? This is a first principle of influence energy: what is the lowest-cost method to achieve a goal? Sometimes deep dives are needed, but you must always evaluate other options first and prioritize simplicity.
I have conducted penetration tests where we redefined network truth for a client. This is a high offense energy state where the adversary is able to alter the fundamental assumptions of a target network. This process breaks security assumptions and opens up many attack avenues.
Network truth is things like firewall positioning in IP flows or that names resolve to things you expect them to. Security architects laid out controls based on the truth of the network design and expected attack vectors. If the network changes due to something in the world or a nefarious actor, then it will suddenly introduce more risk.
Broaden it out to the world and think about how you learn truth. Where are your assumptions about what can and cannot be trusted? Just a few years ago various groups were up in arms around the gate keeping of search engines like Google to show certain things but not others. Now we have more and more people getting their information from LLMs. LLMs trained by people they didn’t know on data they have little visibility into and accessed through an application they can’t trust.
Will this scenario lead to truth? Possibly, but it isn’t designed to end up there. Is it more likely to end up as propaganda and censorship? What if not even so overt, would you know if an LLM response was nudging you in a certain direction? Routing you around a mental firewall and changing some assumptions?
The challenge with most psychological risks is the difficulty of picking them out in any one instance. You need aggregate data points with vast visibility that most simply don’t have.
The solution is a new truth-seeking LLM designed with the assumptions of an adversarial world. A system that can evaluate lots of information and determine what is most likely to be true. Such a system will need to be trained on adversarial techniques as well as classical thought and reasoning for how to determine something is credible.
Just like in penetration testing, you don’t know the whole environment, just pieces of data you collect and then must make inferences based on likelihood. A port being listed as ‘filtered’ most likely means a firewall dropping the packet but all you really know is that a packet didn’t make it back for which there are many other, less likely, candidates.
Fortunately the nature of core machine learning is probabilities and this kind of analysis is where the technology shines. Foundation LLMs will be able to study patterns of what predicts well and use this to navigate inherently untrusted environments like the world.
Truth-discerning AI will be a powerful companion and guardian of humanity in the coming golden age.
What if you trained a model on videos of using an iPhone 1?
The digital preservation manifesto talks about how many things from the past don’t exist anymore because they were dynamic. We have screenshots and videos of Apple iOS 1.0 from 2007 and perhaps even a handful of devices still with that version loaded, but you can’t experience it in all its glory because all the back end services of the era simply don’t exist in a compatible way today.
As the last 10-20 years have seen an explosion in cloud services, more and more systems of the past will be unexperienceable in any meaningful way. This is perhaps where AI can help in that we can now / soon build virtual worlds trained from our knowledge. It should therefore be entirely possible to train a model on graphics, text and human input on these old systems and then simulate them in a mostly convincing way.
Why? There is historical value in understanding how people interacted with relics of the past. How and why were they designed that way? What does that say about the people, culture and time period? We have numerous relics of the past where we have only guesses as to how something operated or how it was used. Grand examples like the great Pyramids in Egypt or even more mundane like coal towers for railroads of only 100 years ago. The dynamic knowledge was lost and now we wonder what we are missing today.
This is a common refrain you may have heard from CISOs, cyber managers, or anyone concerned about their blind spots.
The problem for engineers is that this thought inherently requires there to be a whole to measure against. Compliance frameworks like SOC2 or GDPR provide structure at a high level but still have a limitation of not knowing what they don’t know about your environment. This is a key driver for my Security Energy framework which leverages knowledge bases like MITRE ATT&CK and D3FEND as a whole to measure against.
Now broaden this to identifying blind spots with things like Generative AI, where the process is fill-in-the-blank. You provide a prompt and the LLM uses its model weights to determine what the response should be. The weights are probabilities assigned to different tokens based on training data. Thus, the data you train on is defining the “whole” that the LLM is measuring your request against.
If you want a Sovereign AI that can guide you and assist you in many situations in life, it must have been trained on standards to measure against. Current AI models have limitations around their training data (“Internet sewage”) as described by Brian Roemmele and we must use the guidance of classical ethics to help guide direction.
But there is a limitation, there is no “whole” of information. Information is constantly being created, refined, and yes, lost. It is no more possible to train an AI on every piece of data than it is for an individual to read every book ever written. The trick then is to curate a data set to build an LLM on that understands the foundations of thought and reasoning. Couple that with a firm grounding in scientific and technological information and you will create a modern explorer. An AI capable of discerning truth and guiding you through tough situations.
The goal is not to always be right, but to be able to know when you are wrong or even might be wrong.
Join me on this journey to build the classical explorer AI.
Why me?
I am a computer engineer who understands the fundamentals of computers.
I have a career being someone that pulls together things never designed to fit together.
I have a cybersecurity background to understand risks, threats, and tradeoffs.
I have training in hypnosis and education.
I live in the city of modern explorers. Together we will create the next generation of digital explorers.
The pace of LLM development is astounding but I predict we are heading towards a point of diminishing returns for large model advancement. The next frontier is models that can be run locally on your own hardware. Fortunately the pace of hardware development is still robust and with proper quantization even some decently sized models can be run on consumer hardware in a few gigabytes of RAM.
A quick note on performance: LLMs are most sensitive to memory bandwidth. Overall CPU performance doesn’t matter as much as having fast RAM, which means at least DDR4 in 2025 and better yet DDR5. This will enable your local models to have reasonable performance. Maybe not as lightning fast as the big cloud models but enough so that you aren’t held back by the model. Even better, there are numerous advances in inference-specific hardware that should make this even more accessible in the coming years.
Why would you want to run your own model? Data sovereignty. There is an old saying that if you aren’t paying for the internet service, YOU are the product. This is exactly how giants like Google and Facebook have built empires by data mining and figuring out how best to monetize your data. Public AI providers like Anthropic or OpenAI offer services for free and I would bet all the money that they are storing/data mining people’s requests for a variety of purposes. If you want to use expert AI for hard personal applications involving sensitive data, you will need a local AI.
To this end, I wanted to figure out what can and can’t be done with local AI in October 2025. If you are reading this in the future, hopefully some pieces are still useful! I use VSCode for most of my day-to-day development and I have found AI features from Copilot to be useful more often than not.
The trick is that GitHub Copilot cannot be used with local models. It is designed with tight integration to supported cloud providers and has no option for you to define custom providers or endpoints.
Next, I chased down some options for Azure AI Foundry, in particular Foundry Local. The main limitation here was that it has no support for Linux at this time (just Mac and Windows) while I need support in WSL Ubuntu for the majority of my projects.
The final solution was found in my Hugging Face MCP course which referenced using the Continue extension. This was the trick. Continue replicates most of the Copilot features and best of all, it has an easy way to define custom OpenAI compatible endpoints.
You specify roles and then it will automatically start using the model for those. Since it runs off of a general OpenAI endpoint, you can use any common tool like Ollama or vLLM to run the model of your choosing. In the above example, I am using a vLLM docker container to host a Qwen coder model on a GPU and share it out over the local network. The same concept can be extended to public cloud providers like AWS or decentralized on the Akash supercloud.
There was a bit of a learning curve with VSCode and Continue, specifically with WSL. The Continue extension is installed in the local workspace for VSCode even if you have a WSL workspace active. This means that any configuration changes must be in C:\Users\<username>\.continue\config.yaml as this is the root workspace for your VSCode instance. If you put these in a folder in your WSL workspace, it will not work.
Note that any MCP servers you define must also be able to run in native Windows. For example, I have npm installed in WSL but still had to separately install it in Windows native to be able to use the Playwright MCP server which requires it.
With Continue set up and the models running, it is now time to code with private assistance.
You read books, look at pictures, visit locations. In all of these cases you are looking at a snapshot of the past. Some remnant, but not the living fullness. We catch glimpses of what it was like to live in an era or be somewhere at its prime.
So much of computing today builds on the technology of yesteryear and yet the best way to experience that tech is screenshots and maybe old books. Blogs often have interesting information but whatever environment the author was looking at is not often available to the reader. Depending on how long it has been, it may not be available to the author either.
Go read a review of iOS 1 from 2007. You can’t experience that today. Even if you managed to find a phone with that version of the software, the networks it interacted with no longer exist.
The Wayback Machine has the right idea for websites but is scoped to static content. Virtualization lets us preserve isolated systems but you want more: a window into the past where you can see that Solaris thin client desktop. Interact with it, browse the late 90’s web with it. You want to be able to browse a university network in the mid 2000’s with Internet Explorer 6 on Windows XP SP2. You want to be able to walk through the original New York Pennsylvania Station.
The cost of inference will drop over time. Already we see AI video becoming more and more commodity. The next frontier is fully interactive AI experiences. Google has made great progress on Project Genie which allows for interactivity with virtual worlds. You will be able to extend this by generating code/simulating pages that will replicate the experience of using a digital device and/or being in a place and time.
Think beyond current tech: future robots, holograms and things we haven’t thought of will be used to bring the past alive. This means that history will be experienced through inference. This could be you asking ChatGPT a question about a historical figure or experiencing an interactive simulation.
As amazing as this will be, how do you know it is accurate? Who controls the inference? How was the model trained? What are you seeing that was influenced by someone else?
In the distant past, oral history could be changed with low energy. Find the one or two historians and persuade them something else happened. This even happened organically as oral traditions tend to drift over generations. Initial written language helped, but still it was the victors who got to write the history so you must keep that in perspective. Widespread book publication individualized access to both reading and writing books which meant that the Truth was more likely to be out there. Now we get to the information age where digital versions of history are widely available, however we are beginning to see more and more people experience history through secondary, tertiary and whatever level LLM inference is.
This means that the ability for bad actors to influence what you know is even easier. How do you know if the information you are reading is from a primary source or even a trusted source? How do you know if it is even the same as it was last year?
Changing a physical copy of a book at a library – hard
Changing a transcript of a book on a website — easy
How can you trust the past?
The impact and reasoning behind actions in the past are subjective but there were events that happened at specific times and we have capacity to know them. Similar to a penetration test where you initially see just pieces of the network and eventually come to know the entirety of it as you gain more access and collect more data.
This is an integrity problem in computer security. We have lots of data and want to ensure that it remains unchanged going into the future. This becomes important not just for future historians but for anyone that wants to learn about humanity over time.
What do we need?
A fertile ground for AI agents wielding microtransactions to pay for it.
A storage base layer for the actual artifacts – digital reproduction of the object itself or a representative value. The point is that it must be preserved.
A storage layer for the models which are trained on the base layer
A storage presentation layer for the artifacts of those models.
Cryptographic security of all artifacts on all layers that both keeps them from drifting over time and ensures immutability.
Decentralized control that means no one entity controls it. This is for humanity, by humanity.
Why? Learn from the past. Comprehend our history. Know the future.
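A minimal way to get the drift detection asked for in the list above is to chain digests upward through the three storage layers. This is an added sketch, not part of the original post; the artifact names and contents are constructed, and it assumes the sealed record itself is kept somewhere an editor of the artifacts cannot rewrite.

```python
"""Added example: binding base, model and presentation layers with SHA-256."""
import hashlib
import json

# Constructed sample artifacts standing in for the three layers.
BASE = {
    "book-transcript.txt": b"It was the best of times, it was the worst of times.",
    "station-photo.raw": b"\x00\x01constructed image bytes",
}
MODEL = b"constructed model weights trained on BASE"
OUTPUTS = {"station-tour.html": b"<html>constructed walkthrough</html>"}


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def layer_root(artifacts: dict) -> str:
    """One digest for a whole layer: hash of the sorted (name, digest) pairs."""
    entries = sorted((name, digest(blob)) for name, blob in artifacts.items())
    return digest(json.dumps(entries).encode())


def seal(base: dict, model_blob: bytes, outputs: dict) -> dict:
    """Each layer's identifier commits to its own content and the layer below."""
    base_root = layer_root(base)
    model_id = digest((base_root + digest(model_blob)).encode())
    presentation_id = digest((model_id + layer_root(outputs)).encode())
    return {"base": base_root, "model": model_id, "presentation": presentation_id}


def verify(record: dict, base: dict, model_blob: bytes, outputs: dict) -> list:
    """Return the layers whose recomputed identifier no longer matches."""
    current = seal(base, model_blob, outputs)
    return [name for name in ("base", "model", "presentation")
            if current[name] != record[name]]


if __name__ == "__main__":
    record = seal(BASE, MODEL, OUTPUTS)
    edited = dict(BASE, **{"book-transcript.txt": b"It was the best of times."})
    print("untouched:", verify(record, BASE, MODEL, OUTPUTS))
    print("transcript edited:", verify(record, edited, MODEL, OUTPUTS))
```

An edit to the easy-to-change transcript invalidates the model and presentation identifiers as well, so anything derived from the altered source is flagged along with it.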
There are a variety of activities that you as a cyber defender could do. This leads to a bewildering number of options across price points and against different types of threats. Large organizations often have strict regulatory requirements and/or know that they have to guard against all threats but for smaller organizations it is less clear. There is risk of many things and yet only a handful keep coming back. Security Energy simplifies this process to the essence of knowing how much security you should have for the threats you will face.
What threats will you face? Cyber threats are driven by ROI and incentives just like other forms of human behavior. If there is no incentive to go after your organization, then the specific threat doesn’t exist for you. The most common incentive is naturally money since it is portable and transferrable for all the historic economic reasons. In the cyber realm, the easiest way to monetize a breach is to use your own computers’ encryption ability against you in the form of ransomware. How much could a cyber attacker get from you in such a situation? To answer this, you must step into the shoes of a cyber attacker for a moment.
Research of disclosed breaches indicates ransoms average 3-4% of the target organization’s annual revenue and have a “success” rate of 2-10%. Both numbers have high variance depending on source, so this is a perfect opportunity to use a Fermi estimation, where swings of 2-3x are acceptable and most errors will cancel out. Fermi estimations treat everything in orders of magnitude to emphasize big differences, i.e. whether a ransom is $1000 or $2000 doesn’t really affect much for cyber capabilities, but $10,000 vs $1000 is significant.
Using the Fermi estimation, a typical individual making $100,000 per year would be subject to a $3000 ransom if attacked. Using a success rate of 3.3%, yields an expected value of $100 for each such person attacked. Since the attacker is motivated financially to get a positive ROI, they must “spend” less than $100 per target.
(In case it’s not clear, another way to look at a success rate of 3.3% is that an average of 30 people must be targeted in order to get a single $3000 payout. This is an inverted form of a customer acquisition cost if you have a sales background.)
The threat actor may not spend $100 directly, they may take some time crafting emails, writing malware or configuring infrastructure. Influence Energy is defined as the logarithm of the total time and/or money spent on an attack against a single target. $100 is also a good order-of-magnitude approximation of 1 hour of time for someone with moderate computer skill so in tabular form Influence Energy looks like this.
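| Influence Energy | Attacker Hours | Attacker $ | Ransom $ | Target Rev $ |
|---|---|---|---|---|
| 0 | 1 | 100 | 3000 | 100M |
| 1 | 10 | 1000 | 30M | 1MM |
| 2 | 100 | 10M | 300M | 10MM |
| 3 | 1000 | 100M | 3MM | 100MM |
| 4 | 10000 | 1MM | 30MM | 1B |
| 5 | 100000 | 10MM | 300MM | 10B |

(M = thousand, MM = million, B = billion)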
A level 0 attacker could spend more time and/or money to increase their Influence Energy and thus chance of success but more than 2-3x increase would risk negative ROI against a $100,000 target. A ten-fold increase in capability would bring this attacker to level 1 where they would be able to go against bigger targets. This can continue with 10x increases to level 2, 3, and beyond but each increment has an exponential increase in cost so fewer and fewer threat actors are capable of climbing the ladder. Influence Energy level 5 would be the domain of large organizations, think state sponsored with enormous budgets and personnel going against large, hard, and valuable targets.
With Influence Energy defined, you have a quantitative band for what kinds of resources an attacker will use against an organization of a given revenue amount. Importantly, this is a finite list! Many people are convinced from security FUD that cyber attackers have endless budgets and time but unless you have something on the order of $100 billion in value to face a theoretical level 6 cyber-attack, your adversary has resources roughly limited by what’s on the chart.
Now to bring it full circle of how to be secure, you must look at what mitigations are needed for each level of influence energy. Security Energy is a measurement of people, processes, and technology that can mitigate threats at a given level of influence energy. For example, security energy level 3 is the optimized set of defensive techniques that will mitigate all attack techniques at Influence Energy level 3. This means that no matter what capability an IE3 attacker brings, it will be stopped by a defender prepared with security energy 3.
Security Energy includes time employees put in directly, technology purchased from others, and skill development through education. It can be measured by checking the organization’s security posture and processes against a reference set for their organization worth and the corresponding set of influence energy capabilities.
Combining security energy levels with target revenue yields an at-a-glance risk profile and suggested spend on cyber defense. This spend is not just on cybersecurity as device lifecycle and proper IT management are also key parts of mitigating threats.
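| Security Energy | Target Rev | Defense Spend |
|---|---|---|
| 0 | 100M | $500 |
| 1 | 1MM | $5000 |
| 2 | 10MM | $50M |
| 3 | 100MM | $500M |
| 4 | 1B | $5MM |
| 5 | 10B | $50MM |

(M = thousand, MM = million, B = billion)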
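Both tables follow from three numbers in the text, so they can be regenerated and stress-tested against the ranges the breach research gives. The sketch below is an added example, not code from the author; the function names are made up here, and the 0.5% defense share is read off the Defense Spend table rather than stated in the text.

```python
"""Added example: the page's Fermi estimate of Influence Energy, worked in code."""
import math

# Figures taken from the page's text and tables.
RANSOM_SHARE = 0.03       # ransom as a share of annual revenue (page: 3-4%)
SUCCESS_RATE = 1 / 30     # page: 3.3%, i.e. 30 targets per payout
DOLLARS_PER_HOUR = 100    # page: $100 approximates one attacker hour
DEFENSE_SHARE = 0.005     # assumption read off the table: $500 per $100,000


def expected_value(revenue, ransom_share=RANSOM_SHARE, success_rate=SUCCESS_RATE):
    """Attacker's expected payout per target, the ceiling on spend per target."""
    return revenue * ransom_share * success_rate


def influence_energy(revenue, ransom_share=RANSOM_SHARE, success_rate=SUCCESS_RATE):
    """log10 of attacker hours, rounded to the nearest order of magnitude."""
    hours = expected_value(revenue, ransom_share, success_rate) / DOLLARS_PER_HOUR
    return round(math.log10(hours))


def profile(revenue):
    """One row of the two tables for a given annual revenue."""
    ev = expected_value(revenue)
    return {
        "level": influence_energy(revenue),
        "attacker_dollars": round(ev),
        "attacker_hours": round(ev / DOLLARS_PER_HOUR),
        "ransom": round(revenue * RANSOM_SHARE),
        "targets_per_payout": round(1 / SUCCESS_RATE),
        "defense_spend": round(revenue * DEFENSE_SHARE),
    }


def level_range(revenue, ransom_shares=(0.03, 0.04), success_rates=(0.02, 0.10)):
    """Lowest and highest level across the ranges quoted from breach research."""
    levels = {influence_energy(revenue, r, s)
              for r in ransom_shares for s in success_rates}
    return min(levels), max(levels)


def worth_attacking(revenue, spend_per_target):
    """True when the expected payout exceeds what the attacker spends per target."""
    return expected_value(revenue) > spend_per_target


if __name__ == "__main__":
    for exponent in range(5, 11):
        print(10 ** exponent, profile(10 ** exponent))
    print("sensitivity at $100,000:", level_range(100_000))
```

Across the quoted 3-4% and 2-10% ranges the $100,000 target moves between level 0 and level 1 only, which is the sense in which the errors of a Fermi estimate stay within one order of magnitude.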
Implementing this minimal set of defense techniques still requires effort, but it can still be done in a quantitative, finite method and at the end you will be secure!
Follow this blog for forthcoming updates on specific actions needed for Security Energy levels 0-2. Get in touch today if you need help understanding where you are and if you can’t wait to find out what you need!
You are staring at a 10,000 row spreadsheet of vulnerability scanner results…that’s 10,000 after filtering for high risk.
You are tasked with managing vulnerabilities on a large network and have a background in penetration testing. Naturally you assume this network will be subject to a nation-state adversary combing through every corner to extract juicy secrets. They will take advantage of every vulnerability to disrupt operations, steal data and intercept payments.
You present your findings to your leadership who have…mild concern…but of course kick it back to you to chase down whatever is “most important.” You’ll have to figure out which ones are worth fixing. You might try spending hours chasing them down, incurring cost for the company, and end up preventing zero cyber-attacks if they were the wrong ones. Going after everything clearly won’t work.
A better approach is to perform threat modeling of vulnerabilities starting with the most likely to be attacked. This makes the obvious starting point anything accessible from the internet. These are the vulnerabilities with the most exposure to attackers; they can access it right now. These servers and websites should get scanned every few weeks to coincide with web site changes.
For internal systems, you need to look at what is the most likely scenario for them to be hit. Probably in your org it isn’t actually an APT, it is more likely to be Helen in Sales downloading a ransomware installer that looks for systems to spread to. With this threat model in mind, you focus on outdated operating system vulnerabilities that are common targets for malware.
For any that remain (probably still a big list!), you look for vulnerabilities that would be easier to exploit for a low-sophistication attacker who managed to plug into the network at a remote site. You prioritize simple code execution vulnerabilities which would allow trivial system takeover with only a web browser.
You do NOT focus on further isolated subnets for things like research or manufacturing. The additional segmentation means there are an even smaller set of threats that would make it to them and they should be assessed through a separate project.
Vulnerabilities that matter are not random IPTV devices that might allow layer 2 access to another system. Vulnerabilities that matter are forgotten Windows systems that needed to be patched ahead of a “minor” ransomware outbreak…this is how you will safeguard your company, not by getting to zero scan results!
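The ordering described above can be applied mechanically to a scanner export before anyone opens the spreadsheet. This is an added example, not the author's tooling; the field names, segment names and sample rows are constructed for illustration.

```python
"""Added example: the page's threat-model ordering applied to scanner rows."""
from collections import Counter

# Subnets set aside for a separate project (segment names are assumptions).
ISOLATED_SEGMENTS = {"research", "manufacturing"}

# Constructed sample rows; the fields are hypothetical, not a scanner's format.
FINDINGS = [
    {"host": "iptv-lobby", "segment": "corp", "internet_facing": False,
     "outdated_os": False, "simple_rce": False},
    {"host": "lab-hmi-07", "segment": "manufacturing", "internet_facing": False,
     "outdated_os": True, "simple_rce": False},
    {"host": "www-shop", "segment": "dmz", "internet_facing": True,
     "outdated_os": False, "simple_rce": False},
    {"host": "fs-legacy-01", "segment": "corp", "internet_facing": False,
     "outdated_os": True, "simple_rce": False},
    {"host": "wiki-int", "segment": "corp", "internet_facing": False,
     "outdated_os": False, "simple_rce": True},
    {"host": "sales-laptop-12", "segment": "corp", "internet_facing": False,
     "outdated_os": True, "simple_rce": True},
]


def tier(finding):
    """1 = internet-facing, 2 = outdated OS, 3 = simple code execution,
    4 = everything else, None = isolated subnet assessed separately."""
    if finding["internet_facing"]:
        return 1
    if finding["segment"] in ISOLATED_SEGMENTS:
        return None
    if finding["outdated_os"]:
        return 2
    if finding["simple_rce"]:
        return 3
    return 4


def triage(findings):
    """Return (ordered work list of (tier, host), hosts deferred to a separate project)."""
    work, deferred = [], []
    for finding in findings:
        level = tier(finding)
        if level is None:
            deferred.append(finding["host"])
        else:
            work.append((level, finding["host"]))
    work.sort(key=lambda pair: pair[0])  # stable: scanner order kept within a tier
    return work, deferred


def tier_counts(findings):
    """How many rows land in each tier, to size the work before starting."""
    work, deferred = triage(findings)
    counts = Counter(level for level, _ in work)
    counts["deferred"] = len(deferred)
    return dict(counts)


if __name__ == "__main__":
    ordered, deferred = triage(FINDINGS)
    for level, host in ordered:
        print(f"tier {level}: {host}")
    print("separate project:", deferred)
```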
I was ready to close out the Webex call and instead the break in silence reshaped my security ethos. “Wait, can you explain that again?”
It was March 2017 and pre-pandemic remote meetings were audio only. I was used to speaking into the void so I couldn’t read body language or see gaping jaws among the 20-odd IT managers watching my monthly presentation about software patches.
The March presentation included a demo of a decade-old MS exploit called netapi (MS08-067 IYKYK) which allows a “specially crafted network packet” to execute code as administrator on a Windows Server 2003 system in default configuration. Typing a few commands into my Linux terminal resulted in a Windows command prompt and ability to install malware.
The manager on the call was shocked that I had never entered the password for the system and it was irrelevant with the exploit. He was an experienced IT manager responsible for thousands of critical systems making money for the company. He had never been clearly shown the impact of a failure to patch.
Up until this moment, I had assumed that everyone needed to be a CISSP with gobs of knowledge to be able to accurately measure risk. Clearly everyone could read a security bulletin, infer how severe it was, and articulate what types of threats would use it. The question from that manager, and subsequent follow-up, showed me the need for more effective communication about security.
The netapi exploit was long-ago patched and not applicable to newer operating systems but it demonstrated the risk of that type of exploit. One of the security bulletins in March 2017 was for an exploit dubbed ETERNALBLUE (MS17-010) which also affected Windows systems in their default state. I directed the corporate IT managers to expedite patching this on any applicable systems knowing that the network was a target-rich environment. It was only a matter of time for a threat actor to leverage this vulnerability for some kind of worm.
The company did an accelerated patch of the March 2017 patches. When May rolled around and the news cycles spun up about a ransomware strain called WANNACRY causing damage to organizations like Nissan and the UK National Health Service, I was confidently able to tell the CISO that we would be unaffected.
I incorporated more cyber demos in the coming months, always relating them to new patches and vulnerabilities in the news. The internal audience grew and to date no vulnerabilities have caused problems. My drive in security changed from finding the most advanced exploits to understanding why different security threats exist and showing people the best way to prevent them.