Writing on the agentic web.
Privacy, cryptography, local AI, and building a browser from first principles.
Security · Oct 28, 2025The agentic browser security model: what changes when the browser can act
A browser that can navigate, fill forms, and submit is a qualitatively different security problem. Here is how we think about prompt injection, data exfiltration, and the permission model that addresses both.
Read →Why harvest-now-decrypt-later makes post-quantum urgent today
Nation-state adversaries are collecting encrypted traffic now, planning to decrypt it when quantum computers arrive. For anything sensitive, the window to act is shorter than most teams think.
Read → Privacy · 10 June 2026The browser telemetry audit: what Chrome, Firefox, and Edge actually send
We ran a 30-day network trace on the three major browsers with default settings. The results were worse than we expected, and clarifying about what "opt-out" actually means in practice.
Read → Local AI · 2 June 2026Running Llama 3.3 70B in your browser agent on consumer hardware
We benchmarked local inference performance for the Dart Agent on M3, M4, and AMD AI-MAX hardware. Here’s what’s actually usable for agentic workloads today.
Read → Engineering · 25 Nov 25, 2025What we stripped from Chromium and why
A technical walkthrough of the patches we apply to the Chromium tree: what stays, what goes, and the engineering trade-offs in removing tightly-coupled Google services.
Read → Privacy · 14 May 2026The BYOM architecture: why we will never sell tokens
Every browser that proxies AI inference has a structural conflict between its margin and your wallet. Here’s why BYOM is the only honest pricing model for a browser with an AI layer.
Read → Security · 5 May 2026Hardware-attested identity: a browser-engineer’s guide to TPM 2.0
A technical deep-dive into how we use TPM 2.0 and Apple Secure Enclave to generate non-exportable identity keys — and why this changes the threat model for browser-based authentication.
Read →