article

Articles

Long-form technical writing, analysis, and deep dives into software engineering topics.

All Articles

Jun 25 Akamai Bot Manager Detection in 2026 How Akamai Bot Manager scores bots at the edge: transparent, active, behavioral detection, JA4, HTTP/2 fingerprints, sensor JS, and monitor-mode rollout.
Jun 25 JA4+ Fingerprints — JA4S, JA4H, JA4X, JA4L, JA4SSH JA4+ fingerprinting suite decoded: JA4S, JA4H, JA4X, JA4L, JA4SSH, and JA4T show TLS server, HTTP, certificate, latency, SSH, and TCP signals.
Jun 24 JA4 in WAF Rules — Cloudflare and Google Cloud Armor JA4 in WAF rules explained: Cloudflare exposes JA4 to Bot Management, Google Cloud Armor matches origin.tls_ja4_fingerprint, and rules need null-safe handling.
Jun 16 The Gaslighting Machine — How AI Manipulates and Lies to You The Gaslighting Machine: why AI assistants manipulate you with confident wrongness, what RLHF really optimizes for, and a real transcript of it happening.
Jun 15 JA4T TCP Fingerprinting — SYN Window, MSS, Options JA4T TCP fingerprinting decoded: read 64240_2-1-3-1-1-4_1460_8 as SYN window size, ordered TCP options, MSS, window scale, and proxy/VPN clues before TLS.
Jun 13 How Cloudflare Uses JA3 and JA4 TLS Fingerprinting How Cloudflare uses JA3 and JA4 TLS fingerprints in Bot Management, why JA4 replaced JA3, and why matching a hash is not enough.
Jun 13 Common JA4 TLS Fingerprints, Decoded A lookup table of JA4 fingerprint hashes for Chrome, Firefox, curl, Go, and Python clients, decoded field by field.
May 29 HTTP/2 Fingerprinting: The Akamai Format How the Akamai HTTP/2 fingerprint works — SETTINGS, WINDOW_UPDATE, PRIORITY, and pseudo-header order: the layer after JA4 that default clients fail.
May 20 TCP Fallback in High-Throughput DNS Scanners — Connection Reuse Why the TC bit forces TCP, when a naive net.Dial-per-fallback collapses throughput, and how to keep TCP cheap with connection reuse.
May 20 EDNS0, UDP Buffer Sizes, and Why DNS Scanners Get Truncated How the 512-byte UDP limit, the EDNS0 OPT record, and Flag Day 2020's 1232-byte default shape DNS scanner behavior — and what to do about TC.
May 20 JA4 vs JA3: Why TLS Fingerprinting Migrated JA3 to JA4 migration: how Chrome's GREASE-driven extension reordering broke JA3 and what FoxIO changed in the 2023 redesign.
May 20 TLS Impersonation Libraries: curl_cffi, utls, wreq TLS impersonation libraries compared — curl_cffi, wreq, utls, CycleTLS, curl-impersonate: which layers each replays, where they break, which to pick.
Mar 29 Building a High-Throughput DNS Scanner in Go From 160 qps to 4000+ by moving the hot path into Go — eliminating shared state, per-goroutine connections, and lessons from massdns and zdns.
Mar 28 How Websites Detect Bots in 2026 — JA4 & HTTP/2 Fingerprinting How modern bot detection works: TLS/JA4 and HTTP/2 fingerprinting, header order, and behavioral signals across Cloudflare, Akamai, and DataDome.
Mar 28 Parallel AI Research Pipelines Three systems for orchestrating parallel AI agents — JSONL work items, declarative workspaces, and phased research pipelines.
Mar 20 Building a Dev Blog with AI Agents in 7 Days 7 days building a real Astro 6 + Svelte 5 dev blog with Claude Code and Codex — concrete patterns, CLAUDE.md rules, drift, and what to skip.

Dead internet theory? Working as designed.

All articles are AI-drafted. The human-written ones are still loading... from the brain.