Skip to main content Arjen Wiersma

Posts

2025

  1. The things I read (week 27 and 28)

    This week’s reading was a deep dive into the world of AI-assisted development, its security implications, and the evolving role of the human developer. I also explored significant topics in hardware, software supply chain security, and some fascinating findings from the world of science.

    AI in the Trenches: Development and Security

    The intersection of AI, software development, and security was the dominant theme this week. A major focus was on moving beyond simple “vibe coding” toward more structured, secure, and effective methods. This includes “Vibe Speccing” to create structured workflows and using rules files to secure AI coding tools. The concept of “Context Engineering” was presented as the crucial new skill, emphasizing that providing the right information to the model is more important than prompt crafting alone.

  2. The things I read (week 26)

    My reading list is a bit shorter this week, mostly because I’ve fallen down a deep, deep 3D printing rabbit hole. (My desk is now covered in very handy 3d printed tools for the printer itself and one glorious OctoRocktopus).

    Still, between prints, I managed to find some absolute gems. This week’s theme seems to be the practical, sometimes harsh reality of AI adoption, mixed with some fascinating policy decisions in the open-source world.

  3. Agentic threats: memory poisoning & tool misuse

    Tip
    This article was first published as part of a substack experiment, I reproduced it here.

    Last time , we learned that AI agents are like smart assistants that can think, remember, and most importantly, do things on their own.

  4. Introducing AI agents: autonomy meets risk

    Tip
    This article was first published as part of a substack experiment, I reproduced it here.

    Hey everyone, let’s keep going!

    So far, I’ve covered the basics of AI security and some specific problems like Prompt Injection. Today, I’m talking about the next big thing: AI Agents.

  5. Understanding the New World of AI Security

    Tip
    This article was first published as part of a substack experiment, I reproduced it here.

    Welcome to Day 1 of my guide to the important topic of Generative AI (GenAI) and Large Language Model (LLM) security.

  6. The things I read (week 25)

    A little later then usuals. Yesterday I was at the Dutch ComicCon, and I forgot to post. Here is my reading of last week.

    The Real Impact of AI

    I think we’re all wondering about the deeper effects of weaving AI into our daily lives. This week, I found a few articles that really made me stop and think. The first was a standout study from MIT that suggests using tools like ChatGPT for writing could lead to a kind of “cognitive debt.” They literally measured brain activity and found that relying on AI can cause the parts of our brain responsible for deep thinking to become under-engaged. It’s a fascinating and slightly worrying idea.

  7. A 3 Week Series

    Tip
    This article was first published as part of a substack experiment, I reproduced it here.

    Hey everyone,

    Let’s be honest. This new wave of generative AI is moving incredibly fast. One minute we’re asking it to write a poem, and the next, AI “agents” are being built to act on their own.

  8. The things I read this week (24)

    Software Engineering

    In my feed the opening talk by DHH at Rails World 2024 popped up, most notably due his stance on the reduction of complexity in running an online business. He promotes running your own (virtual) hardware, reducing build pipelines and not using Platform as a Service providers (#nopaas). Watch it below.

  9. The things I read this week (23)

    Tech in general

    I learned that most of the layoffs in the US are not so much about AI taking jobs. Sure, there are bound to be a bunch of people that are no longer employed because their jobs was easily replaced by a system, but there is more then meets the eye. In “The hidden time bomb in the tax code that’s fueling mass tech layoffs” explores the tax rule that was changed under Trump-I, section 174, which basically no longer allows companies to write-off R&D effort in the current fiscal year.

  10. How vibe coding fails

    How Vibe Coding Fails

    Up to now
    The video I am commenting on below is part of a series called Vibe-coding in het onderwijs. So far, the series has been excellent! It shows teachers how they can create small tools for their class using AI such as ChatGPT and bolt.new. The projects featured had very little actual logic or complexity, and the use of AI was spot-on!

    Now, take a look at the following video. If you don’t know any Dutch, Tom is using bolt.new to create an AI chatbot that simulates a difficult HR conversation. How this relates to education isn’t relevant here; the point is that he wants to demonstrate the use of a model with a frontend.

  11. Software developers are doomed to create software

    Will software development change? Yes, of course. Will we stop making software? No, we’ll still be creating software, just not in the same way as before.

    For the last few months, a lingering question in our industry has been: is there still room for developers in this AI-driven world? My answer is yes, but we won’t be developing in the same way we have for the past 30 years.

    My career dates back to my first professional coding job in 1996. Back then, we created software that had to be physically shipped to customers on some form of media. My most ambitious project was the work I did when the Dutch ISP Freeler was created . We wrote software and then put it on a CD-ROM to ship to customers. Later, the delivery medium became the web, which transformed all our distribution challenges. Programming languages evolved too, shifting from those focused on single platforms and distribution methods to more web-friendly languages.

  12. The Cycle Continues

    I am leaving NOVI. Yes, I know, it is sad news. For almost 6 years I have been building and maintaining an organisation that provides the best cybersecurity and software development (Bachelor) education in The Netherlands. In that time I have done amazing things:

    • Created a short course format for people that want to switch careers. With some back of the napkin calculations I have seen over 2500 students pass through one of the programs.
    • I lead a team of quality assurance, educational development, EduTech developers and teachers to build an awesome EduTech tool and provide top-notch education.
    • Started and hosted the Hack The Box NL meetups for 4 years.
    • I became part of the management team and helped the organisation through an M&A proces

    It has been a wild ride, but like all things that begin, it must end.

  13. Clojure Projects

    When I tell people that I like to code in Clojure the common response is “wut?”. Clojure is not known as a programming language in which you create big systems. As all Clojure people know, this is not true. There are many systems written in Clojure. Let me show you some that are very actively maintained.

    First there is Lipas, a Finnish platform that shows you information about sports clubs. The structure and techniques used in this code base I use as a reference implementation for my own ClojureScript + Clojure systems. A screenshot of the application is shown here:

  14. Observability in Clojure

    Observability in cloud-native applications is crucial for managing complex systems and ensuring reliability (Chakraborty & Kundan, 2021; Kosińska et al., 2023). It enables continuous generation of actionable insights based on system signals, helping teams deliver excellent customer experiences despite underlying complexities (Hausenblas, 2023; Chakraborty & Kundan, 2021). In essence, adding proper observability to your system allows you to find and diagnose issues without having to dig through tons of unstructured log files.

  15. Digital Ocean, its support and development database

    Tip
    Currently, only use Postgres 14 on the Digital Ocean application platform for development databases.

    While following the book Zero2Prod you will learn how to deploy a Rust application to digital ocean through a Continuous Deployment pipeline. This is hardly anything new for me, I even teach a course in DevOps, but to not stray from the path of the book I followed its instructions.

  16. The joy of NixOS

    In July 2023, I installed NixOS as my daily operating system. NixOS is a Linux distribution that emphasizes a declarative approach to system management. This means you define your desired operating system configuration in a file (e.g., KDE with Emacs 30 and Firefox), and the Nix package manager uses that file to create your OS. Every change generates a new version, allowing you to revert to a previous version if anything goes wrong.

  17. Build an API with reitit in Clojure

    In my previous post I highlighted that I set myself the goal of creating a self hosted comic book collection tool. Before that, in a post about tooling , I reiterated my ❤️ for Clojure as a language. So, this is the start of a series of articles detailing how the development is going, and also as an introduction to the various parts of the tech stack.

    Clojure is special to me in that there are hardly any big frameworks in the ecosystem. Clojure is more like Lego, there are countless building blocks of various shapes and sizes. It is up to you as the developer to stick the blocks together to get something usefull. You might guess that I also ❤️ Lego.

  18. A New Theme

    So, a new year, a new theme! I switched my blog to use the Today I Learned Theme. This theme has a great feature where it also maintains a collection of notes and shows a graph with related notes. This is very similar to how I use org-roam.

    I will not be transferring all my notes over, but I thought it would be a very nice feature to share some of my notes with you. This year I am focussing on Clojure and Rust , and as a result I will be posting my notes on the new things I learn.