Audit your training scripts right now.
torch.load() without weights_only=True → running whatever the author wanted
joblib.load() on external files → no sandbox, period
from_pretrained() → check Files tab for .safetensors
Model files are executables. Treat them like binaries.
Protect AI scanned HuggingFace.
Found 200+ models that execute shell commands the second you load them.
Not a CVE. Not a bug. This is how Python serialisation was designed to work.
Here's the exploit, the mechanism, and how to stop it. 🧵
Add this to your pipeline before any model reaches prod.
Takes 3 seconds. Has caught real malware.
If you load ML artifacts in CI without scanning, you're trusting strangers.
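
A pre-load check of the kind these posts call for, as an added example (not code from the posts, and not the scanner they refer to): it statically lists the imports a pickle stream would perform on load, without unpickling it, and flags those from an assumed denylist. `UNSAFE_MODULES`, the function names and both sample pickles are constructed for illustration.

```python
import pickle
import pickletools

# Assumed denylist for this example; production scanners ship a longer one.
UNSAFE_MODULES = {"os", "posix", "nt", "subprocess", "builtins", "sys",
                  "runpy", "socket", "shutil", "importlib"}

def pickle_imports(data: bytes):
    """Yield (module, name) for each import the pickle would trigger on load.
    pickletools.genops only decodes opcodes; nothing is executed."""
    strings = []  # string pushes seen so far, needed to resolve STACK_GLOBAL
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)
            yield module, name
        elif op.name == "STACK_GLOBAL":
            # Protocol 4+: module and name are the two preceding string pushes.
            if len(strings) >= 2:
                yield strings[-2], strings[-1]
            else:
                yield "?", "?"  # unresolved (e.g. pulled from the memo): fail closed
        elif isinstance(arg, str):
            strings.append(arg)

def scan(data: bytes):
    """Return the flagged 'module.name' imports, sorted; empty means none found."""
    flagged = set()
    for module, name in pickle_imports(data):
        if module == "?" or module.split(".")[0] in UNSAFE_MODULES:
            flagged.add(f"{module}.{name}")
    return sorted(flagged)

class _ConstructedSample:
    """Constructed test object: pickling it records a call, it does not make one."""
    def __reduce__(self):
        import os
        return (os.system, ("echo constructed-sample",))

def constructed_flagged(protocol: int) -> bytes:
    return pickle.dumps(_ConstructedSample(), protocol=protocol)

def constructed_clean() -> bytes:
    return pickle.dumps({"layer.weight": [0.1, 0.2], "epoch": 3})

if __name__ == "__main__":
    for label, blob in [("clean", constructed_clean()),
                        ("flagged p0", constructed_flagged(0)),
                        ("flagged p4", constructed_flagged(4))]:
        print(label, scan(blob))
```

Zip-format `torch.save` checkpoints keep their pickle in a `data.pkl` member, so that member's bytes are what to pass to `scan`. A denylist is a gate in front of loading, not a substitute for `weights_only=True` or `.safetensors`.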
Learning GCP this month.
First real “huh” moment:
- On EKS, I harden the AMI.
- On GKE, the host is COS, and Google hardens it for me.
My job shifts from “patch the node” to “trust the node, focus on the workload.”
Not better or worse.
Different threat model.
Most companies still route everything through a VPN!
I've been using GCP's Identity Aware Proxy.
IAP doesn't trust the network at all: requests are authenticated and authorised on identity + device context before reaching your service.
No implicit trust. Cleaner architecture.
A flow I just tried and LOVED:
1. /grill-with-docs, talking about a new bit of UI
2. Asks me a question I can't answer unless I prototype
3. /prototype
4. Iterate on the prototype, burning tokens freely until we get a good spot
5. /rewind to the question, and select 'summarize' (Claude Code feature), saying 'summarize what we learned from prototyping'
6. Continue the grilling session, retaining the prototype
Smoooooooth
Don't forget to ask your LLM to provide a diagram for each task you need to do.
1. You learn more
2. You get documentation AND presentation support
3. When your LLM draws the diagram, it can actually evaluate the solution and reduce the error rate
One of the best pieces of interview advice I received...
Show something relevant to the job during the interview!
Diagram, Technical Demo, Research paper... anything you could think of!
You will score a lot of points!
If you don’t have confidence, build evidence.
If you don’t have evidence, build skill.
If you don’t have skill, build discipline.
If you don’t have discipline, build accountability.
If you don’t have accountability, remove friends + change environment + add stakes.