Thoughts on Laravel development, cybersecurity, open source, and technology experiments.
I pointed my SDR at 2.4 GHz and discovered my smart home devices are CHATTY. Bluetooth Low Energy packets everywhere! Here's how I decoded BLE traffic, reverse engineered smart device protocols, and learned that wireless security is... interesting. Welcome to the world of BLE sniffing!
Want to contribute to open source but tired of todo apps? Security projects need contributors, and you don't need to be a hacker! Let me show you how to get started in the coolest corner of open source.
Your app spends 95% of time reading data but your database is optimized for writes. Smart! After 7 years architecting systems that actually scale, I learned that CQRS isn't about being fancy - it's about accepting that reads and writes have completely different needs!
Still polling DynamoDB every 5 seconds to check for updates? Your Lambda costs are through the roof and your architecture is held together with duct tape and cron jobs? After architecting event-driven systems on AWS, here's why EventBridge changed everything!
After countless deployments where I wondered 'wait, which version is running in prod?', I discovered GitOps - where Git isn't just your code repository, it's your deployment control center. Here's why treating Git as your single source of truth changed everything!
The simplest hack that still works in 2026: just change a number in the URL. Here's why your API is probably leaking user data right now and how to actually fix it.
Stop manually converting JSON strings and dates! Laravel's model casts handle data transformation automatically. Let me show you the magic I wish I knew 5 years ago.
Think `npm install` is safe? Great! Now explain why your project has 1,247 dependencies and three different versions of lodash. Let's talk about npm best practices, dependency hell, and how to keep your node_modules folder from becoming sentient.
Coming from 7 years of PHP and JavaScript, I thought enums were just fancy constants. Then Rust showed me algebraic data types and I realized I'd been living in the stone age. Let me show you why Rust enums are absolute game-changers!
Your users in Tokyo are waiting 800ms to load a logo that hasn't changed in 3 years. After architecting global e-commerce systems, I learned that caching isn't just 'nice to have' - it's the difference between a site that feels instant and one that feels like molasses!
After 7 years of production deployments, I've been rate-limited by Docker Hub during critical deploys way too many times. Here's how I escaped Docker Hub jail and cut our registry costs by 80%!
You're serializing objects without a second thought? Yeah, about that... Let me tell you how attackers turn your innocent data into remote code execution nightmares.
Your database isn't a file cabinet! Learn how to handle file uploads like a pro, from local storage to S3, without blowing up your server.
Think writing tests is boring busywork? Think TDD slows you down? Cool! Now explain why you spent 6 hours debugging a bug that tests would've caught in 30 seconds. Let's make Node.js testing fun and practical - you might even enjoy it!
Picked the wrong AWS database and now you're paying for it? After 7+ years architecting on AWS, here's how to choose between RDS and DynamoDB without destroying your budget, sanity, or career!
Found a weird signal on 433 MHz and thought 'what the heck is that?' Turned out to be my neighbor's wireless thermometer! Here's how I use GNU Radio, Python, and signal analysis to identify unknown RF transmissions. Software meets radio waves!
Opened a PR to your favorite open source project and... crickets? No response? No merge? No comment? Learn why maintainers ghost PRs and how to write contributions that get MERGED instead of sitting in limbo forever.
Your Lambda functions are cheap, but API Gateway is silently draining your wallet. After 7+ years architecting serverless backends, here are the API Gateway mistakes that cost me thousands!
You changed one field name and suddenly 10,000 mobile apps crashed. After 7 years architecting APIs, here's how I learned that API versioning isn't optional - it's the difference between 'iterating fast' and 'creating a support ticket tsunami'!
Using GitHub Issues like a dumping ground? Drowning in unorganized PRs? Your open source project needs better workflow management, and GitHub has all the tools. Let me show you how to organize chaos into a well-oiled machine!
That 'fast' local app that takes 10 seconds in production? Spoiler: It's N+1 queries. Here's how I hunted them down and made our API 50x faster.
Think try/catch is enough for Node.js error handling? Cool! Now explain why your server randomly crashes with 'unhandled promise rejection.' Let's dive into the error handling patterns that actually keep your API alive in production!
That innocent 'Login with Google' button? It could be your security nightmare. Here's how to implement OAuth 2.0 without shooting yourself in the foot!
Coming from 7 years of Laravel/Node.js where 'fast enough' was the mantra, I thought performance optimization meant adding cache layers and hoping. Then Rust forced me to actually measure, benchmark, and prove performance claims. Turns out 'blazingly fast' isn't marketing - it's measurable!
After 7 years of production deployments and one very public GitHub leak that cost us $3,000 in AWS charges, I learned that managing secrets isn't optional - it's survival. Here's how to stop hardcoding passwords like it's 2005!
Think accepting serialized data is safe? Think again! Learn how deserialization attacks turn innocent-looking data into remote code execution nightmares.
Your EC2 bill is probably 3ร higher than it needs to be. After years of architecting on AWS, here's how Auto Scaling saved me $2,400/month and taught me to stop babysitting servers!
Forget traditional coding - I built FM radio receivers, spectrum analyzers, and custom signal processors by connecting visual blocks like LEGO! GNU Radio Companion turned me into an RF engineer without writing a single line of DSP code. Then I dove into Python and the rabbit hole got DEEP!
After 7 years of production deployments and countless 3 AM incidents, I learned that health checks aren't optional - they're the difference between 'my app is down' and 'my app auto-heals itself.' Here's how to stop shooting yourself in the foot!
Your database is crying. Every page load = 47 queries. Let me show you how caching saved our production API from melting down and cut response times by 80%.
Everyone's rushing to microservices like it's Black Friday. After 7 years architecting systems from monoliths to distributed nightmares, I learned the hard way: sometimes the best architecture decision is to NOT split your app!
Think npm install is harmless? Cool! Now explain why your app broke after updating ONE package. Let's dive into dependency hell, security nightmares, and the package.json chaos that keeps Node.js developers up at night!
Opened a PR with 'fixed stuff' as the title and wondering why it's been sitting there for 3 weeks? Learn the unwritten rules of PR etiquette that'll make maintainers WANT to merge your code instead of closing it with 'thanks but no thanks.'
Coming from 7 years of Node.js callback hell and async/await spaghetti, I thought asynchronous programming was inherently painful. Then I discovered Tokio - Rust's async runtime that's actually elegant, performant, and doesn't turn your code into nested madness!
Built a CLI tool that nobody uses? Wondering why your 'amazing' command-line app has 12 stars? Let me show you how to build CLI tools that developers actually love, install, and contribute to - learned from shipping tools in Rust, Node, and Go.
Your single database is a ticking time bomb. After 7 years architecting production systems, here's how I learned that database replication isn't optional - it's the difference between 99.9% uptime and 3 AM panic attacks!
Your Lambda is checking the database every 5 seconds 'just in case' something happened? After years of architecting event-driven systems on AWS, here's how EventBridge saved me from polling hell and cut our costs by 90%!
I thought programming radio signals required years of signal processing knowledge and complex C++ code. Then I discovered GNU Radio Companion - a visual drag-and-drop tool where you build signal processing pipelines like LEGO blocks. I decoded FM radio in 5 minutes without writing a single line of code!
Insecure Direct Object References are everywhere, and they're embarrassingly easy to exploit. Here's how I found one in production and what I learned about access control.
After 7 years deploying production apps, I finally bit the bullet and learned Kubernetes. Turns out it's not as scary as the YAML makes it look. Here's what I wish someone had told me before I spent 3 days debugging a typo in my deployment config!
Stop putting authorization logic everywhere! Let's use Laravel Policies and Gates to keep your code clean and your users in their lane.
Think npm is just for installing packages? Cool! Now explain why you're writing bash scripts when npm can automate everything. Let's dive into npm scripts - the built-in task runner you didn't know you had!
Coming from 7 years of writing Node.js and PHP scripts, I thought CLI tools were 'fast enough.' Then I built my first Rust CLI tool - instant startup, zero dependencies, native speed. Here's why Rust is the PERFECT language for command-line utilities!
Your database is dying because you keep querying the same product page for every visitor. After 7 years architecting high-traffic systems, here's how I learned that caching isn't just 'adding Redis' - it's the difference between a $200/month server and a $50,000/month catastrophe!
I thought radio was just voices and music. Then I discovered digital modes - computers talking to each other through electromagnetic waves! PSK31, FT8, RTTY... it's like finding encrypted network packets in the air. Here's how I decoded my first digital signal and fell into the rabbit hole!
Using GitHub Actions to deploy your open source project? Cool! Accidentally giving hackers access to your AWS keys, npm tokens, and production secrets? Not cool! Learn how to secure your CI/CD pipeline before you become a cautionary tale on Twitter.
Think your firewall is protecting you? HTTP Request Smuggling is the sneaky attack that slips right past your defenses. Here's how it works (and how I found one).
Stop manually creating test data like a caveman! Learn how I use Model Factories and Seeders to spin up realistic databases in seconds - the same patterns we use in production at Cubet.
Think console.log() is logging? Think try/catch fixes everything? Cool! Now explain why your Node.js server silently crashes at 3 AM with zero logs. Let's dive into error handling and logging that actually works in production!
Coming from 7 years of JavaScript and PHP where 'Cannot read property of undefined' haunts my dreams, discovering Rust's enum-based approach to handling missing values blew my mind. No more null checks everywhere. No more undefined crashes. Just compiler-enforced safety!
Your Lambda functions are calling each other in a tangled mess of async chaos? After years of architecting serverless workflows on AWS, here's how Step Functions saved me from callback hell and $500/month in wasted Lambda executions!
I thought antennas were just metal sticks. Then I learned they're actually resonant electromagnetic wave catchers tuned to specific frequencies using PHYSICS and MATH. Mind blown! Here's antenna theory explained for software developers who want to build better RF projects.
Opened an issue saying 'it doesn't work' and wondering why nobody's fixing your bug? Learn how to write bug reports that actually get fixed instead of ignored, closed, or causing maintainers to question their life choices.
Your payment service is down and you're sending it 10,000 requests per second anyway. Brilliant! After 7 years architecting distributed systems, I learned that circuit breakers aren't optional - they're the difference between 'service is down' and 'entire platform is on fire'!
You think you're clicking a harmless button. Plot twist: you just deleted your account, transferred money, or enabled your webcam. Welcome to clickjacking - the magic trick of web attacks!
Your Docker image is 2GB and takes 10 minutes to deploy? After countless production deployments, I learned that multi-stage builds can shrink images by 90% - here's how to stop shipping garbage to production!
Your DynamoDB table has 47 indexes, costs $800/month, and queries still take 3 seconds? After architecting production NoSQL systems on AWS, here are the DynamoDB mistakes that'll drain your wallet AND your sanity!
Want to add custom methods to Laravel's core classes without touching framework code? Macros are your secret weapon. Here's how I've used them in production to keep code DRY.
Think your Node.js server is using all 8 CPU cores? Think again! By default, Node.js runs on ONE core while the other 7 watch Netflix. Let's fix that with cluster mode - the built-in feature that turns your server into a multi-core beast!
Coming from 7 years of fighting with npm's node_modules black holes and Composer's autoload nightmares, discovering Cargo felt like finding a package manager from the future. Here's why it's the best tool I've never had to debug!
Your Lambda has full admin access 'just to be safe'? Your access keys are hardcoded? After 7 years of AWS deployments, here are the IAM mistakes that will haunt you at 3 AM when you get the security breach notification!
Your database is drowning in 50 million rows and queries are taking 8 seconds. After architecting e-commerce systems handling millions of users, here's how I learned that sometimes you need to split your data across multiple databases - and why it's scarier than it sounds!
I passed my Ham Radio exam and unlocked a whole new world of RF experimentation, digital modes, and legal transmission! From SDR hobbyist to licensed operator - here's why software developers make amazing hams and how to get started with amateur radio.
Still using the same mainstream tools everyone recommends? I found some lesser-known open source projects that are absolute game-changers but somehow fly under the radar. Let me share the secret weapons!
After 7 years of production deployments, I learned the hard way: if you can't see what's happening in your K8s cluster, you're one outage away from disaster. Here's how to actually monitor Kubernetes without drowning in metrics!
Your database stores 'john_doe' but you need 'John Doe'? Let Laravel do the heavy lifting automatically!
Think reading files with fs.readFile() is fine? Cool! Now explain why your Node.js server crashes when processing a 2GB file. Let's dive into streams - the memory-efficient pattern that saves your server from OOM crashes!
Coming from 7 years of JavaScript and PHP, I thought memory management meant 'garbage collector handles it.' Then Rust's ownership model blew my mind - no GC, no manual malloc/free, just pure compile-time genius. Here's why ownership is the most revolutionary programming concept I've learned!
That innocent XML file upload? It might be reading your server's /etc/passwd file right now. Let's talk about XXE - the vulnerability that turns parsers into weapons.
Your AWS resources can't talk to each other, the internet, or you're getting mystery connection errors? After architecting production VPCs, here's how to fix AWS networking without crying into your coffee!
Want to get paid to break into websites? Welcome to bug bounty hunting! Here's how I got started finding vulnerabilities and why you should too.
After 7 years of production deployments, I finally learned: Docker Compose isn't just for deployment - it's the secret weapon for local dev environments that don't suck!
Been 'cloning' repos when you should fork? Fork but never sync? Let me explain the difference once and for all, plus the fork workflow that actually makes sense for open source contributions.
If you're copy-pasting the same WHERE clauses everywhere, Laravel scopes are about to change your life. Clean, reusable query filters that actually make sense!
Your app has 5 servers but only one is actually working. After 7 years architecting production systems, here's how I learned that load balancing isn't just 'distributing traffic' - it's the difference between smooth scaling and catastrophic failure!
You just npm installed a package and gave a stranger root access to your machine. Congrats! After building Node.js apps in production, here's why your node_modules folder is scarier than any horror movie!
Conquered the borrow checker? Great! Now meet lifetimes - Rust's way of making sure your references don't outlive the data they point to. Coming from 7 years of garbage-collected languages, this concept blew my mind!
Ever wonder what's ACTUALLY happening on your WiFi network? I put my wireless adapter in monitor mode and saw EVERY packet flying through the air. Passwords, cookies, DNS queries... the WiFi spectrum tells all. Here's what I learned about wireless security!
Your CloudWatch bill is $300/month because you're logging EVERYTHING. After years of production AWS deployments, here's how I cut our logging costs by 85% without losing visibility!
Your monolith is blocking like it's waiting for a bus that never comes. I moved our e-commerce backend to event-driven architecture and cut response times by 75% - here's how events changed everything!
Ever wonder how your car radio knows the song name and artist? I decoded RDS (Radio Data System) with my SDR and learned how FM radio actually works. Then I built a tiny transmitter and became my own radio station!
Still have that default GitHub profile? Your README is prime real estate being wasted! Here's how to turn your GitHub profile into a magnet for collaborators, recruiters, and fellow developers who actually want to work with you.
Tired of Vue/React complexity? Livewire lets you build reactive UIs with pure PHP. It's like magic, but real!
Coming from 7 years of JavaScript and PHP, I thought strong typing meant typing your fingers off. Rust proved me wrong. Here's how Rust gives you bulletproof types without the Java-style verbosity!
That old subdomain you forgot about? It might be your biggest security hole. Here's how hackers hijack subdomains and how to stop them!
Still showing 'Site under maintenance' during deploys? After 7 years of production deployments, here's how I went from scary Friday night releases to confident anytime deploys - without downtime!
Your microservices are talking to each other like chaos in a parking lot. Let's add an API Gateway to bring order - because nothing says 'I understand architecture' like a single entry point!
CSP is like hiring a bouncer for your website - it decides what scripts can run and what gets kicked out. Let's make security headers fun!
Committing API keys to Git? Hardcoding database passwords? Let's talk about managing configs and secrets the RIGHT way - because 'It works on my machine' isn't a deployment strategy!
Think middleware is just app.use() and you're done? Cool! Now explain why your Express server randomly hangs. Let's dive into the middleware gotchas that bite every Node.js developer - from memory leaks to silent failures!
Stop cluttering your controllers! Let Laravel Observers watch your models and handle side effects like a ninja. Clean code incoming!
Slapping 'MIT' on your repo because everyone else does? Not sure if you can use that GPL library in your startup? Let's decode open source licenses without the lawyer-speak so you don't accidentally sue yourself.
I plugged a $20 USB dongle into my laptop and suddenly could see aircraft positions, decode weather satellites, listen to police scanners, and explore the entire radio spectrum. Welcome to Software Defined Radio - where hardware becomes code!
Coming from 7 years of web dev, I never thought memory safety would matter to me. Then I started building RF/SDR tools and security utilities. Rust changed everything. Here's why memory-safe code is your secret weapon against hackers!
Your S3 bucket is probably leaking data AND money right now. After years of architecting on AWS, here are the S3 gotchas that bite everyone - from accidentally public buckets to storage costs that spiral out of control!
Leaving 'LGTM' on every PR? Nitpicking semicolons while missing security bugs? Your code review skills need an upgrade. Learn how to give feedback that actually helps open source projects thrive (and makes maintainers love you).
Your database is crying because you keep asking it the same questions. Let's talk caching strategies - from 'just use Redis' to actually understanding when and how to cache!
You opened that beautiful developer roadmap with 87 technologies, felt motivated for 3 seconds, then completely overwhelmed. Those roadmaps are setting you up for failure. Here's how to ACTUALLY learn without burning out.
Think throwing your app in a container makes it secure? Think again! Let's talk about Docker security holes that'll keep you up at night - and how to fix them.
Your Lambda function is fast... except when it's not. Cold starts are the dirty secret of serverless - but I've got battle-tested tricks to make them way less painful!
Stop returning raw Eloquent models in your API! Learn how Laravel API Resources make your JSON responses clean, consistent, and actually maintainable.
Think you understand async in Node.js? Great! Now explain why your API randomly hangs. Let's dive into the event loop, promises, and async patterns that actually work in production.
Think your file uploads are safe? Let me show you how hackers use '../' to read your passwords, SSH keys, and database configs. It's scarier than it sounds!
Think you know how to organize code? Rust's module system and Cargo just entered the chat with workspaces, visibility rules, and zero-config builds. Say goodbye to build script nightmares!
You maintain a library with 50,000 weekly downloads and make $0 from it? GitHub Sponsors is literally sitting there waiting to fund your work. Here's how developers are ACTUALLY making money from open source (not just begging for coffee money).
Your database is a hot mess because you're not using transactions. Let's fix that before your users notice!
Think malloc() and free() are the only way to manage heap memory? Rust's smart pointers just entered the chat with Box, Rc, Arc, and RefCell. Prepare to never leak memory again!
Ever accidentally turned your server into a weapon against yourself? That's SSRF! Let's talk about this sneaky vulnerability that makes your server do a hacker's dirty work.
Your API is like a VIP club entrance - you need a bouncer! Learn how to protect your REST APIs from common attacks without reading a 500-page security manual.
Was building my 'perfect' framework with DDD, TDD, and Clean Architecture. Ended up finding security bugs in Laravel instead. Classic developer move.
You're still managing your open source community in a Discord server with 47 channels nobody reads? GitHub Discussions is sitting right there in your repo, waiting to organize your chaos. Let me show you why it's a game-changer!
Sending emails, SMS, Slack messages, and push notifications with one simple API. Laravel notifications make messaging so easy, you'll wonder why you ever wrote custom mailers!
Think JavaScript is the only way to run code in browsers? Rust + WebAssembly just entered the chat and they're running circles around your React app. Time to make the web FAST again!
You commit broken code, push to main, and realize you forgot to run tests... again. Git hooks are sitting in your .git folder laughing at you. Let me show you how to automate ALL the things you keep forgetting!
Think HTTPS is just a fancy 'S' in your URL? Think again! Here's why that little green lock is the difference between security and complete disaster.
Still copying the same HTML in 20 different files? Let me introduce you to Blade Components - Laravel's secret weapon for clean, reusable UI code!
Think copy-paste is the only way to avoid repetition? Rust macros just entered the chat and they're about to make your code write itself. Prepare for meta-programming magic!
That blank GitHub profile is costing you job opportunities! Learn how to turn it into a portfolio that makes recruiters say 'We need to hire this person' instead of scrolling past you like everyone else.
Still writing User::findOrFail($id) in every controller? Laravel's route model binding will make you feel like you've discovered fire!
Think interfaces in Java/C# are the best we can do? Rust's trait system just entered the chat with operator overloading, default implementations, and zero runtime cost. Prepare to rethink everything!
Passwords are dead (they just don't know it yet). Here's why 2FA is your account's best friend and how to implement it without making your users hate you.
Your controllers look like spaghetti? Events and Listeners will save your sanity and make your code so clean you'll cry tears of joy!
That library you use every day? It's maintained by someone who's probably exhausted, unpaid, and one mean GitHub comment away from archiving the repo. Let's talk about what's actually happening and how YOU can help.
Think switch statements are boring? Rust's pattern matching is like if switch statements went to the gym, got a PhD, and learned kung fu. Prepare to have your mind blown!
Cross-Site Scripting is like letting strangers write graffiti on your website... except the graffiti can steal passwords. Let's fix that!
Tired of CI/CD configs that look like ancient hieroglyphics? GitHub Actions makes automation so easy, you'll actually USE it. Let me show you how to stop manually deploying like it's 1999!
Your users are staring at loading spinners while you send emails? Let's fix that with Laravel queues - the secret weapon for background tasks!
Think try-catch is the pinnacle of error handling? Rust's Result<T, E> type just entered the chat and it's about to blow your mind!
Your website is walking around naked in a dangerous neighborhood. Security headers are like free body armor - and you're probably not using them. Here's how 5 lines of config can stop most attacks cold.
You use that library every day but never starred it? Let me tell you why that little star button is more powerful than you think, and why maintainers check their star count more than their bank account.
Still using foreach everywhere? Laravel Collections will blow your mind and make your code so clean you'll want to frame it!
Think SQL injection is old news? Think again. It's STILL the #1 way databases get pwned in 2026. Here's how hackers do it, why your code is probably vulnerable, and how to actually fix it.
Think your password is safe because you only used it on 'a few sites'? Plot twist: it's already leaked, tested on 10,000 websites, and up for sale. Here's how credential stuffing works and how to stop being an easy target.
Think you know Eloquent relationships? These advanced tricks will change how you query your database forever!
Ever wonder why Rust doesn't have a garbage collector like every other modern language? Turns out, that's not a missing feature - it's a superpower! Here's why.
Scared to make your first PR to an open source project? I was too! Here's how I went from terrified lurker to confident contributor (and you can too).
Still opening GitHub in your browser like it's 2015? The GitHub CLI will change your life. PRs in 3 seconds, issues from your terminal, and you'll look like a hacker in coffee shops.
Think dependency injection is scary? Laravel's Service Container makes it so easy, you'll wonder why you ever used 'new' everywhere!
Think handling 10k concurrent connections requires callbacks from hell or threading nightmares? Rust's async runtime says 'hold my beer' and does it with 50MB of RAM.
Getting 'blocked by CORS policy' errors? Thinking about just disabling it? DON'T. Here's why CORS exists, why your '*' wildcard is dangerous, and how to fix it properly.
Paying $10/month for AI code completion? I found some awesome open-source alternatives that won't drain your wallet. Let me show you the good stuff!
Write code like Python, get performance like C. Sounds too good to be true? Welcome to Rust's zero-cost abstractions - where elegance meets speed!
Your API got hammered by 10,000 requests per second? Let's talk about rate limiting - the bouncer your API desperately needs but probably doesn't have.
Stop fighting with your database relationships! Here's how to use Eloquent like a pro (without the headaches).
Think you need to be a coding wizard to contribute to open source? Wrong! Here's how to make your first contribution without accidentally destroying GitHub.
Think JWTs are secure by default? Think again! Here's how developers accidentally turn authentication tokens into security disasters - and how to fix them.
Middleware is like having a bouncer at your app's door. Let's learn how to use it without getting kicked out!
Testing doesn't have to be boring! Here's how to write Laravel tests that actually save your bacon (and your sanity).
Stop terrorizing your users with cryptic error messages! Here's how to write Laravel validation that's actually... helpful.
Think the borrow checker is your enemy? Think again! Here's why Rust's most feared feature is actually saving you from 3am debugging sessions.
Think sessions are boring? Wait until someone steals yours and takes over your account. Here's how session hijacking works, why your cookies are treasure, and how to protect them like Fort Knox.
The story of building a blog with a cool terminal boot animation. Spoiler: It was easier than I thought! ๐
Hey there! Come see what this blog is all about - spoiler: code, security, and maybe some radio waves! ๐ก
Your Laravel app is slow? Let's fix that! Here are 5 simple tricks that actually work (no PhD required).
Don't let hackers ruin your day! Here's how to protect your website from the most common attacks - explained like you're a human, not a security textbook.