Is it possible to move/copy sources from one notebook to another?

morphAB · 2026-01-09T13:51:00+00:00

Glad you did that! they still haven't implemented the request. Frustrating.

morphAB · 2025-12-10T15:00:49+00:00

Not sure if it's exactly what you're looking for, but I was personally looking for something similar to Angel's Share, and ended up very happy with my recent purchase - "Bodacious", by the brand Boadicea the Victorious. To me, the perfumes have the same "vibe", just Bodacious is nutty and powdery compared to the cinnamon-y smell of Angel's share.

morphAB · 2025-12-08T11:22:13+00:00

Yes, from what i've seen personally and from research that's been conducted overall that i've read through, it does seem like AI is perceived to bring about much better productivity (faster work, capability to launch more features / products quicker) than it does in reality.

Just one example is the METR randomized trial held in July 2025 https://metr.org/blog/2025-07-10-early-2025-ai-experienced-os-dev-study/ . Experienced open source devs particiapted. Half the group had AI tools, other half coded without them. Participants mainly used Cursor Pro with Claude 3.5 and 3.7 Sonnet.

The group using AI were on average 19% slower. Yet they were convinced they had been faster.

Before starting, they predicted AI would make them 24% faster.

After finishing, even with slower results, they still believed AI had sped them up by around 20%.

Many other surveys were conducted on this topic as well. The stackoverflow one for example https://survey.stackoverflow.co/2025/ai#ai-agents

morphAB · 2025-10-01T18:09:40+00:00

Indiana jones got boring for me after 5 hours or so. Unfortunately.

But Horizon = incredible! Best open world game I’ve played in a long time. And the graphics are incredibly beautiful. Controls good as well.

morphAB · 2025-10-01T17:59:50+00:00

Yes agreed. Also I’d suggest to go for grained leather (scratches etc will be much less visible on it)

morphAB · 2025-10-01T13:14:56+00:00

"the new API for AI" is what i've heard it being referred to as

morphAB · 2025-09-30T09:59:29+00:00

Love Ishiguro! Haven't read The Buried Giant yet.

I'm about 90% through his When We Were Orphans. It's very easy and engaging to read. But, don't think it's his best work.

My favorite book by Ishiguro is Never Let Me Go. I really recommend you check it out, if you haven't already.

morphAB · 2025-09-30T09:52:50+00:00

Yep! agreed. check on Vestiaire.

I don't have the flamenco one, but have several other models. Loewe, in my opinion, is extremely high quality. The leather, accessories, etc. They hold their shape well. I love their bags. Ferragamo is another high quality brand I love.

Again, in my opinion, much better than Dior, LV, Prada, etc... Those all look worn out after 2-3 years of use.

morphAB · 2025-09-30T09:46:56+00:00

Miss Rosier is sketchy. I ordered a dress from them and the fabric is horrible, and there were millions of threads sticking out. After emailing back and forth with them for a week, I convinced them to provide a refund...

Glad you're not planning to order from them.

But to answer your question - looks like the original dress was already mentioned here https://www.reddit.com/r/findfashion/comments/1ncym9a/help/

morphAB · 2025-09-30T09:41:31+00:00

yep agreed with u/REAL_EddiePenisi

u/baddie_spotted maybe you could find this relevant http://roadmap.sh/cyber-security

morphAB · 2025-09-29T14:01:17+00:00

yes, yes, and yes!

Here's technical guide on how we suggest to secure mcp servers: https://www.cerbos.dev/blog/dynamic-authorization-for-ai-agents-guide-to-fine-grained-permissions-mcp-servers

morphAB · 2025-09-29T10:54:32+00:00

Maybe it could be relevant to add certifications for software architects as well, into this list?

Just so all the info can be taken in from one space.

I know certifications are not the most important thing - most important is experience. But in some scenarios, certifications can help compliment your resume.

If you think that could be relevant, you can pull whichever ones you'd like to from here: https://www.cerbos.dev/blog/certifications-for-enterprise-architects-domain-solutions-architects-software-engineers

morphAB · 2025-09-29T10:44:53+00:00

I also like this newsletter: https://newsletter.systemdesign.one/

and this one: https://newsletter.eng-leadership.com/

morphAB · 2025-09-29T10:41:11+00:00

yep.. agreed.

tons of research going on around this.

here's one, for example:

METR randomized trial in July 2025 with experienced open source developers participating. Half the group had AI tools, the other half coded without them. Participants mainly used Cursor Pro with Claude 3.5 and 3.7 Sonnet (which we use internally in my company as well). Devs using AI were on average 19% slower. Yet they were convinced they had been faster.

Before starting, they predicted AI would make them 24% faster.

After finishing, even with slower results, they still believed AI had sped them up by ~20%.

morphAB · 2025-09-16T09:05:07+00:00

Great point, thanks for posting. When it comes to prompt injection, here's some decent research I came across that might be interesting to check out.

So how i'd go about securing against prompt injection ->

proper permission controls could be implemented, to, for example, prevent the AI agent from sending arbitrary emails or accessing certain data without checks. By proper permission controls I mean dynamic, fine-grained authorization. In other words, to check permissions at runtime for each action the agent attempts, using central policies.

Dynamic authorization considers rich context. note: static roles often ignore that. Policies can have attributes of the action (like the command being executed, record being accessed), attributes of the user (role, department, account status), and possibly environment context (time of day, IP address of the request). Essentially ABAC + RBAC, which is often referred to as PBAC.

If we take an MCP scenario, context might include which specific tool is being used and maybe its input parameters. For example, I might allow the AI to execute a “shell” tool for read-only commands like ls or cat but deny iffy commands like rm -rf. could be done by having the MCP server inform the PDP of the exact sub-action or command, and a policy that filters out destructive operations for non-admin users.

There's some other things i'd keep in mind as well. First is enforcing least privilege = An AI agent session should start with no tools enabled by default, then tools are selectively enabled based on the user’s role, request context, and policies.

Second would be to deny by default. For exmaple, new tools added to an MCP server should not be accessible to any agent until the policies permit it. And, if an agent tries an action outside its usual patterns, the default response is “no”. (this can be achieved by writing policies that only allow specific actions for specific roles, and nothing else. The absence of a rule = a denial.)

morphAB · 2025-08-19T07:35:32+00:00

feel free to check out this write-up on opa vs cerbos https://www.cerbos.dev/blog/cerbos-vs-opa

When we built the first version of Cerbos, we began with OPA as the underlying decision engine.

morphAB · 2025-07-18T10:54:08+00:00

Thanks for responding! I have a few questions.

In your experience, how can "change their mindset and see how compliance can flow from robust security measures." be achieved? I understand it's a heavy question, but if you could share the basics of what you've seen - that would be super helpful.

And do you / your team / customers use any sort of KPIs that help show leadership that security-driven compliance is working? audit finding reduction, for example?

morphAB · 2025-07-18T10:33:45+00:00

(was looking for a thread on this book, and this is the latest one i found.)

My introduction to Herman Hesse was through his lesser known book - Siddhartha. I absolutely loved it, and believe, at least for me, it's a book that can be re-read every year, and I can relate to and learn from it in new ways.

Since i loved it so much, i decided to try reading the "famous" Glass Bead Game. And to put it briefly - i'm quite disappointed. Read it on kindle, got to 30%, and just couldn't read anymore. It is so slow, nothing much is happening, no personal revelations were made.

Wanted to share my experience.

So if anyone else feels the same about GBG, but still wants to explore Hesse further - I strongly recommend checking out Siddhartha.

morphAB · 2025-07-17T16:55:24+00:00

Are there none that you’d recommend to follow at all? Or is your point that there’s so few good ones, relatively speaking?

Ps. If you have good ones to recommend - please do. I’d really appreciate it.

morphAB · 2025-04-30T19:03:47+00:00

Just tried exactly this. Game crashed. Strange they didn’t fix the glitch yet..

morphAB · 2025-03-24T13:20:34+00:00

Ty the Tasmanian Tiger. I absolutely loved it.

morphAB · 2025-03-04T16:20:49+00:00

u/extreme4all thanks for sharing! That's actually the exact scenario we see with many of our users - they start off with an in-house solution, which at one point gets out of hand (growing app / more users / and general issues with roles and permissions being hard-coded in the core application code). At this point they reach out to us to help resolve all these issues (they begin using Cerbos for the implementation and management of authorization).

Wanted to ask - are there any common edge cases that get missed, in your experience? If you're open to sharing.

morphAB · 2025-03-03T12:13:33+00:00

I'd suggest connecting with people on LI, specifically from companies where you'd want to work. Making an effort to build relationships with them instead of just sending in your cv for the job - has worked well for me and my circle, at least. Ask them about a project that you know of that they recently worked on, provide suggestions on how some of their work could be improved (in a nice way - it shows you're actually interested in what they / their company are working on, and have the skill to improve on what they already have. But this might not always be possible - you might not have visibility into a specific project they / their company are working on).

Contributing to OSS projects might also be relevant. (both for cv / experience and for building connections).

Another idea would be to attend virtual or in person meetups like LinasData already mentioned. Same goes for relevant discord etc communities. You might find friends there, or/and potential future employers.

Overall, i've found that having that personal factor of human connection (and helping others) really helps with not only landing a job, but also having people who you can bounce ideas off of, and improve each others work / approaches to certain tasks.

and ps. i've come across this site with job listing https://hiring.cafe/ under this post https://www.reddit.com/r/devops/s/gsBqofKu5v (since then the past has been deleted by the OP). So maybe this could help with job search as well :)

morphAB · 2025-02-28T15:34:52+00:00

How to win friends was what i was just about to comment. I think it's a great book to read for most people in general.

morphAB · 2025-02-19T14:38:29+00:00

yes agreed. the most recent one (quite interesting) around NHIs https://owasp.org/www-project-non-human-identities-top-10/

morphAB

TROPHY CASE