My experimentation with LLMs on day 1 and day 2 of Advent of Code was a bit frustrating. For the day 3 puzzle, I decided to change model. Previously I had been using the codellama:13b model but wasn’t really happy. I kept arguing with it and it just frustrated me. So let’s try some others. codellama:34b So I thought maybe the model just wasn’t big enough, so off we went

After day 1 of Advent of Code was only partially successful, I thought I would change my approach. Yesterday I tried to get the LLM to develop the whole solution in one go. But that was more like argumentative programming rather than conversational programming, so for the day 2 puzzle I start with small problems and hope to put it all together at the end. Let’s get started The problem looked quite straightforward, parse something like the following

So it is that time of the year again. Advent of Code is back. Yey! This means I get to try to look at a new language again. This time, why not Kotlin? But as an extra challenge, I thought why not see how the vaunted LLMs would help. Is AI really the accelerator that would elevate a mere developer to a rockstar ninja (whatever that is)? I have to add that I am a bit of an AI sceptic and keep saying that

I describe myself as an Agile Fundamentalist because I really like the ideas of the Agile manifesto, and I also confidently state that I am an AppSec snooper, because in my day job I tend to look at other people’s code, logs and systems and break them. I happen to think that agile and application security go together rather well! I had two different Slack conversations recently. One was on the UK cross-governmental #security Slack channel and the other one was on the Equal Experts #securit-ee Slack channel (yes I’m a consultant, and our Slack channels have hilariously got ee in their names).

After BSides Lancs and Leeds, Newcastle was my third BSides, both of the year and ever. I got up early in the morning for a road trip from Preston to Newcastle, and setting off at 5:30 on Saturday turned out to be atmospheric and straightforward. So I was a bit early and got a glimpse of the chaos that is putting together a BSides. Later I found out that BSides Newcastle was traditionally more chaotic than some of the other BSides.

As I stare at my laptop after an intense few days at 44CON, I reflect on the experience. I went through a lot of different emotions. Excitement, trepidation, relief, bewilderment, pride, disappointment and hope had accompanied my visit to London to 44CON. We had an OSINT Capture The Flag competition happen right next to a round-table discussion on how the government should secure the country. Looking from outside in, a rallying cry of “Hack the Planet” (if you want to feel old, it turned 28 during the con) side-by-side with the establishment might not be the first thing to expect at a security conference.

I am wearing my Equal Experts hoodie. Often I’ll be found on conference calls with my EE t-shirts, and I even have some socks. So the irony of writing an article about “leaving the badge on the door” is not lost on me. So what do I mean? Contracting Scum I am a contractor. I have been for the best part of 20 years. I’ve worked in a variety of sectors (telecomms, finance, government) in a variety of roles (development, architecture, security) using a variety of methodologies (waterfall - eurgh, faux agile - double eurgh - and lowercase agile).

I am back at home, a few days after my first experience of Agile on the Beach. There were a few problems with it (yes, yes, I’m baiting you, I loved it). There was too much quality, it was really hard to pick which talks to go to. There was too much fun, it was difficult to leave the after-party after the beach party. And it was hard to keep track of all the new faces and names.

It is a couple of weeks after my trip to Leeds to go speak at BSides. Now, if you’ve never been to a BSides - and I had only been to one prior - then hopefully this gives you a bit of a feel as to what to expect. In short, there’s lots of interesting people with great talks and insights and something that feels just right. A bit of community and some weird people.

In this post I am looking at using the mongo aggregation pipeline in non-trivial ways. In fact, once I had done what I wanted to do I looked back at the result and discovered that a bit of an idea of functional programming helped me achieve what I wanted to do. But back to the beginning: I was looking at deployment events which we’d captured in a mongo collection: { "environment" : "production", "serviceName" : "platform-status-frontend", "version" : "0.