m00dy.sh
A working notebook for security, hardware labs, model systems, and the useful threads I do not want to lose.
Latest notes
field note 2026-06-13 · ML security · fuzzing · disclosure
Found by AI, Fixed by AI
A structure-aware fuzzer found a small ONNX memory-safety bug, GitHub Copilot helped patch it upstream, and the public issue-to-merge loop closed the same afternoon.
field note 2026-05-15 · ML security · fuzzing · formats
The Format That Got It Right
SafeTensors did not survive fuzzing by luck. It survived because the format puts validation before allocation, keeps code out of the file, and treats model loading as an input-parsing problem.
field note 2026-05-11 · ML security · disclosure
Signing Is Not Sealing
Post-quantum signatures are entering supply-chain infrastructure. Any ML artifact signing profile that adopts ML-DSA should get one deployment detail right before it ships: randomized mode opens a 256-bit hidden command channel that no deployed verifier can inspect.
field note 2026-05-08 · ML security · methodology
Two RAG systems, same injection rate, different problems
Two RAG systems with the same headline injection rate can need opposite defenses. Why a single number isn't enough, and what to report instead.