Welcome to my blog, a bit about me...
By day, I'm a Principal Data Scientist at MassMutual focusing on Cybersecurity and Enterprise Technology. I lead the Cybersecurity & Fraud Data Science Team and drive enterprise-wide AI transformation initiatives.
I also hold a PhD in Computer Science from the University of Vermont, with research in computational finance and cybersecurity.
That said, you'll probably find me writing about completely unrelated side projects that caught my curiosity.
Like building compilers and running a home-lab.
I love exploring new technical challenges and sharing what I learn along the way.
LLMs Claude QwenLocal Inference LM StudioAgentic Coding
I set out to find how big the gap between a Claude subscription and a self-hosted setup actually is, and
whether a local coding agent is viable for real work. The experiment ran in two phases. First, five arms
(four local open-weight variants chosen to span the capability/context/speed tradeoff, against Claude Opus 4.7 as
the cloud baseline) each designed a complete Playwright E2E test suite for a real Laravel + Livewire app
from scratch. Then the best plan
was handed back out to be built: Claude Code against the strongest local arm, head-to-head on the
same plan. It's as much a practical guide to getting real work out of a 24 GB card as it is a contest: how to
choose the model, the quant, and the context window so a long agent run has the room to finish without compacting,
the agentic-coding tips I use and teach professionally, and one structural advantage Claude has that doesn't show up
in any model card.
This is not meant to be a fair fight. Quant levels and context windows are chosen to fit 24 GB of VRAM under
realistic conditions, not to give each model its theoretical best precision. The point isn't “who wins a
level playing field”; it's “given the constraints anyone would actually face, what does the gap look
like for real work?”
LLMsLocal Inference QwenCybersecurity Claude Ollama
I've been meaning to prep for and take the CISSP exam for a while now. This work does not advance
that goal, but it's easy to pretend it does. Sixteen small open-weight models, 1,303 practice questions,
64 configurations. The results reveal a clean capability ceiling, a contamination pattern hiding in plain
sight, and a handful of questions that stumped every single model, including the ones that probably cheated.
I recently reached a major milestone in the development of my hobby compiler Not Completely C.
In this post, I share the journey that brought me here, demonstrate how NCC can compile non-trivial programs,
and provide a detailed walkthrough of the compiler's architecture; from lexing source code to emitting machine code and linking executables.
How complex can a five character expression be?
The seemingly innocent i + i++ produces different results on different compilers, exposing one of C's most insidious features: undefined behavior.
In this post, I'll explore how something as fundamental as the order of expression evaluation became a minefield in C, why modern compilers still disagree on basic operations, and how I'm addressing these issues in my hobby compiler NCC.
Along the way, we'll peek under the hood at compiler intermediate representations and discover why "simple" languages can be surprisingly complex.
I recently encountered a puzzling bug in code that uses Python's threading module for parallel processing.
The code looks perfectly reasonable, but produces completely wrong results.
Can you spot the issue?
In this article, I'll walk you through a comprehensive setup for self-hosting web applications.
This configuration is ideal for both homelabs and small production environments, enabling you to host multiple websites on a single IP address and port.
We'll focus on security, flexibility, and centralized management.
Using pfSense as our base operating system, router, and firewall, we'll leverage the ACME protocol for automated SSL certificate management,
HAProxy for reverse proxying, and Cloudflare for DNS and CDN services.
I'll explain the role of each component and guide you through every step of the process-including how to avoid some common gotchas.
By the end, you'll have a secure, scalable setup for hosting multiple services using domain and subdomain-based routing, with centralized SSL and traffic management.