Notes
Short pieces about the methodology and architecture decisions behind the AI systems I ship — specs, evals, multi-agent orchestration, LLM integration, and the discipline of directing coding agents.
June 10, 2026
Your AI provider is going to have a bad day
Two reminders landed this week. Anthropic is retiring Claude Sonnet 4 and Opus 4 from the API on June 15 — if you pinned those versions, your calls just start returning errors, with no automatic failover. And this morning, Gemini went down. Same lesson from opposite directions: the model under your product is a third-party service that will, on a schedule you don't control, change, vanish, or break. The fix isn't strategy. It's the boring resilience engineering most AI products skip.
- architecture
- methodology
June 8, 2026
Apple rented its brain
At his farewell keynote, Tim Cook showed a rebuilt Siri — running on a custom 1.2-trillion-parameter Google Gemini model Apple pays about a billion dollars a year to use. Sit with that. The company whose entire identity is owning every layer of its stack just decided the AI model is the one piece not worth building. That's the most credible verdict you'll ever get that the model is a commodity — and a clean lesson in what's actually worth owning.
- business
- ai-native
- architecture
June 8, 2026
Route by difficulty, not by default
When Apple rebuilt Siri, it didn't pick one model and send everything to it. A timer request stays on your phone. A medium query goes to Apple's private servers. Only the hardest reasoning reaches Google's giant model. That three-tier split isn't an Apple quirk — it's the pattern every serious AI product is converging on, because sending every request to one big model overpays on the easy ones and over-exposes the sensitive ones. The fix is routing, and most builders skip it.
- architecture
- ai-native
June 7, 2026
Low-code agents wired straight into your live data
SAP's new Joule Studio builds a whole agent — workflow, specs, even the eval suite — from one sentence, grounded directly in your live business data. OutSystems does something similar. This is genuinely powerful: a business analyst can now stand up an agent on the production system without waiting in an engineering queue. It's also how you get an agent with a huge blast radius and nobody who can explain or stop it. The democratization is real. So is the danger, and most companies are not ready for the second half.
- architecture
- business
- security
June 7, 2026
65% of companies already had an agent security incident
Two-thirds of organizations have already had a security incident involving an AI agent — not a rare disaster, a normal Tuesday. And the cause isn't a rogue, misaligned model doing something evil. It's a perfectly well-behaved agent accessing data it should never have been given in the first place. The agent breach of 2026 is boring: it's an over-permissioned identity doing exactly what it was allowed to. That's good news, because boring problems have boring fixes — if you treat the agent as what it is.
- security
- architecture
- business
June 7, 2026
You escaped model lock-in. They moved it to your context.
Keeping the model swappable was the win of the year — you can change providers with a one-line config now. So at Build 2026 Microsoft calmly relocated the lock-in to where you can't swap it: your organization's context. Work IQ, Fabric IQ, Foundry IQ — your company's memory, permissions, and meaning, living inside a vendor's interpretation of your business. As one analyst put it: you can swap the brain. You may not be able to swap the memory. Here's the new trap, and how to keep the thing that actually matters portable.
- architecture
- business
- ai-native