Sr. Content Developer at Microsoft, working remotely in PA, TechBash conference organizer, former Microsoft MVP, Husband, Dad and Geek.
157632 stories
·
33 followers

The Knowledge You Give Away

1 Share

Reverse Information Paradox by Satya Nadella:

… In the AI age, the buyer risks giving away knowledge, just in order to use what they bought.

You essentially pay for intelligence twice, once with money, and again with something even more valuable: the proprietary knowledge you must reveal to make that intelligence useful. The better you want the model to perform, the more of that knowledge you have to feed it!

Over time, the information asymmetry becomes increasingly skewed. The seller learns more and more about you as you use what you purchased, while you learn very little about what the seller is learning in return.

The old software transaction was one-way. You paid for a copy of Word or SQL Server, and the vendor learned nothing about the contract you wrote or the query you ran. Each subsequent shift, from on-premises to cloud, raised its own sovereignty question, but the buyer could still keep critical knowledge close to the chest. AI reverses the arc. Every prompt shows another card, and the better the answer you want, the more of your hand you reveal.

The interesting question is no longer whether to use AI. It is who protects you when the model provider will not. On-device inference, model-side privacy guarantees, tenanted training boundaries. None of these guardrails are protecting you today, which means anyone will be outmaneuvered tomorrow.


Disclosure: Satya Nadella is the CEO of Microsoft, my employer. These are my personal views, not Microsoft's.

Bronze sculpture of Rodin's Torso of the Walking Man, a headless and armless figure in mid-stride, photographed from a low angle.
Read the whole story
alvinashcraft
3 hours ago
reply
Pennsylvania, USA
Share this story
Delete

It Passed Every Test and Still Broke: Four Signals Validation Never Catches

1 Share

Every check is green. Every validation rule passed. The pipeline reports success in cheerful little checkmarks. And the dashboard is still, somehow, wrong. That gap is exactly what data pipeline monitoring exists to close, and most teams do not have it.

It Passed Every Test and Still Broke: Four Signals Validation Never Catches dqo-hero-four-signals

This confused me for an entire afternoon once. Every rule I had written was passing, because every rule asked about the contents of a row, and every row was fine. What none of them could tell me was that yesterday’s file had never arrived. The table was full of perfectly valid data that was exactly one day stale.

My checks were guarding the rooms while someone walked off with the building.

It Passed Every Test and Still Broke: Four Signals Validation Never Catches dqo-diagram-four-signals
Four ways a feed goes wrong while every single value stays valid.

Validation asks “is this row ok.” Observability asks “did the feed change.”

Validation takes a record and checks it against a rule you wrote in advance. Is the region present? Is the amount positive? Is the id unique? Good questions, and they catch plenty. But notice what they share. You had to know to ask them. Validation only catches the failures you already imagined.

Observability watches the behavior of the whole feed over time and asks something different. Is this feed acting the way it usually does? That question catches the failures nobody thought to write a rule for, and those are the ones that hurt.

The four signals that watch behavior, not rows

None of these can be caught by staring at a single row.

Signal one: freshness

Did the data arrive on time, or is a valid-looking table quietly stale? This is the one that got me. Every value can be correct and the table can still be wrong, because it is yesterday’s correct. Freshness watches the clock, not the contents.

-- Freshness as a check. How stale is the newest row?
SELECT MAX(loaded_at) AS last_load,
       DATEDIFF(hour, MAX(loaded_at), GETDATE()) AS hours_stale
FROM sales_orders;

Not one value is inspected there. The query only asks when the table last moved. Alert when hours_stale crosses the window you expect, and you have caught the failure that ate my afternoon. A row-level rule never would, because the rows sitting there look great.

Signal two: volume

Feeds have a rhythm. A daily load that usually brings in fifty thousand rows and today brings five hundred is screaming that something upstream broke, probably a partial load. A load that suddenly brings five million is screaming just as loudly in the other direction, maybe a duplicated source or a runaway join. Every individual row can be flawless. The count is the tell.

Signal three: schema drift

Upstream systems change without asking your permission. A column that held a whole number starts holding a decimal. A field named total becomes total_amount. A column vanishes entirely, and your pipeline, being agreeable, fills it with nulls and carries on. Schema drift catches that on the day it happens, instead of three weeks later when someone asks why a chart went flat.

Signal four: distribution shift

The subtle one, and my favorite, because it is so sneaky. Every value is still legal, but the mix has moved. Yesterday, ninety percent of your orders were in the “completed” status. Today, sixty percent are. No rule was broken. Both values are perfectly valid. But the shape of reality shifted, and it usually means something real happened upstream, like a status field that stopped updating.

You cannot spot abnormal without defining normal

All four signals need the same thing. To know that today is weird, you have to know what a normal day looks like. That is a baseline: the usual arrival time, the usual row count, the usual schema, the usual mix of values.

The good news is that normal is mostly just history. Your feed has been telling you what it usually does for months. You only have to start listening and write it down.

A quick word on not drowning in alerts

Set up monitoring for the first time and the temptation is to alert on everything. Within a week half the alerts are noise and all of them are muted.

Alert on the size of the change, not the fact of it. A row count that drops two percent is Tuesday. A row count that drops sixty percent is an incident. Tune the thresholds so an alert means “come look now,” not “a number moved slightly, as numbers do.”

Start your data pipeline monitoring this week

Pick your most important table and answer four questions you have probably never written down. When should it arrive? How many rows is normal? What is its schema supposed to be? What is the usual mix of values in the column you care about most?

Write the answers somewhere. You just built a baseline, which is most of observability.

Rules protect you from the mistakes you imagined. Monitoring protects you from the ones you did not. And the feeds that take down a dashboard are almost always in that second group, sitting there green and confident and quietly wrong.

If you want to see these monitors built with real data, I walk through freshness, volume, schema, and distribution in my Pluralsight course, Monitor Data Health with Data Observability.

Reference: Pinal Dave (https://blog.sqlauthority.com/), X

First appeared on It Passed Every Test and Still Broke: Four Signals Validation Never Catches

Read the whole story
alvinashcraft
3 hours ago
reply
Pennsylvania, USA
Share this story
Delete

Why Upfront Alignment Determines Whether Complex Programs Succeed

1 Share
If you have worked with me in a large program, you have probably heard me say: “We need to do more conceptual work.” What I mean is that we need to understand how the work will actually happen before we start trying to execute it. Not just what the deliverables are, but how the teams […]



Read the whole story
alvinashcraft
3 hours ago
reply
Pennsylvania, USA
Share this story
Delete

SE Radio 729: Garth Mollett on AI Supply Chain Security

1 Share

Garth Mollet, Senior Principal Product Security Engineer and Technical Advisor for Product Security at Red Hat, joins host Robert Blumen for a discussion of AI supply chain security. They start with the basics of supply chain security, including the key components of the AI supply chain, and how it differs from the conventional software supply chain. Garth discusses whether the attacks target model weights or inference, and describes the most common attacks and what's in it for the attacker, whether exfiltration, credentials, sabotage, or resources. The episode also considers SPIFFE, SPIRE, attestation, workload identity, and whether AI has the equivalent of "reproducible builds."

Brought to you by IEEE Computer Society and IEEE Software magazine.





Download audio: https://traffic.libsyn.com/secure/seradio/729-garth-mollet-ai-supply-chain-security.mp3?dest-id=23379
Read the whole story
alvinashcraft
5 hours ago
reply
Pennsylvania, USA
Share this story
Delete

What Happens to Code Review When Agents Write the Code with Vanitha Kumar @thoughtworks

1 Share
From: Hangar DX podcast
Duration: 31:19
Views: 5

Vanitha Kumar, Market Technology Director at Thoughtworks, joins Ankit Jain to talk about how code review holds up when agents are writing most of the code.

In this episode, they get into:

Why pre-integration is no longer the only place review should happen, and
How teams decide what's even worth reviewing when a feature spans twenty markdown files, and
What shifting review "left" into a teaching moment looks like in practice, plus

Chapters

00:00 Introduction to Code Reviews
02:50 Evolution of Code Review Practices
05:46 The Role of Collaboration in Code Reviews
08:24 Cultural Shifts in Code Review Practices
11:12 Harness Engineering and AI in Code Reviews
16:37 The Future of Code Reviews and AI Integration
22:05 Platform Engineering in the AI Era

📫 Sign up for our email list for more podcasts, articles, events, and other updates: https://www.aviator.co/podcast

✏️ Subscribe for more videos: @Aviator-Co

🙌 Join a curated community of senior engineers and engineering leaders focused on developer experience and solving productivity challenges at scale! Check out our upcoming off-the-record online sessions where vetted, experienced professionals can exchange ideas and share hard-earned wisdom: https://dx.community/

Replace code reviews with verified intent
AI writes code faster than humans can review it. Aviator Verify provides compliance-grade verification through spec-driven development. Ship faster with complete audit trails. https://verify.aviator.co/

Read the whole story
alvinashcraft
5 hours ago
reply
Pennsylvania, USA
Share this story
Delete

WW 992: Gassy Jack - Largest Patch Tuesday in Microsoft History!

1 Share

Microsoft's July 2026 Patch Tuesday just shattered records with hundreds of bug fixes, and AI is the force behind the surge. Are we witnessing the beginning of a safer Windows, or is this flood of vulnerabilities the new normal? Plus, Tony Redmond's epic book has a new name (was Office 365 for IT Pros) and is now a bundle of four books.

Windows

  • Patch Tuesday is here!
  • Point in Time Restore, quieter Widgets, Windows Update improvements, Screen tint, and more
  • The biggest Patch Tuesday in history, by far: a record 570 fixes for security flaws, and a huge 3X increase from the then-record flaws fixed last month. (Some say the number is 622. Math is hard.) And this is on top of 468 Microsoft Edge/Chromium flaws that were fixed by Google this month too. Yikes.
  • Microsoft discusses how it's improving Windows security with AI
  • Windows Insider Program: Improved Windows Search is next on the docket, heading out to Experimental this week. Question: When do these things hit stable?
  • Microsoft releases Snapdragon X2 versions of its Surface for Business Pro and Laptop models

AI

  • Apple sues OpenAI for stealing trade secrets
  • Surprised there was no talk of "thermonuclear war"
  • OpenAI's response is hilarious, and it is already prepping its first hardware device
  • OpenAI just announced the rumored super app, which is a combination of ChatGPT, Work, Codex, and an in-app web browser, which replaces the standalone Atlas web browser. Also, GPT-5.6.
  • In keeping with recent history, Anthropic announced its in-app web browser for Claude less than 24 hours later
  • Reminder that Microsoft acknowledged that it, too, is working on an AI super app at Build
  • Apple releases public betas of its OS 27 releases and, shocker, Siri is really good
  • Now Spotify has an AI chatbot so I can tell it how much I hate Spotify

Xbox and gaming

  • Obsidian is working on a new Fallout game, duh.
  • A quiet time after last week's terribleness

Tips and picks

  • Tip of the week: Microsoft 365 for IT Pros (2027 edition) is here!
  • App pick of the week: MusicBee
  • RunAs Radio this week: Finding Security Vulnerabilities using AI with Sami Laiho
  • Brown liquor pick of the week: Sanctuary Single Malt Whisky Reserve Edition

Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell

Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly

Check out Paul's blog at thurrott.com

The Windows Weekly theme music is courtesy of Carl Franklin.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:





Download audio: https://pdst.fm/e/pscrb.fm/rss/p/mgln.ai/e/294/cdn.twit.tv/megaphone/ww_992/ARML3112263584.mp3
Read the whole story
alvinashcraft
5 hours ago
reply
Pennsylvania, USA
Share this story
Delete
Next Page of Stories