Last week, we saw plenty of posts about integrating DeepSeek into applications, running it locally, and similar topics. What surprised me, though, is that while I expected issues to surface, I didn't anticipate such a massive security problem with DeepSeek AI chats. Big thanks to Gal Nagli for this research: https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak.

We've seen countless discussions on how companies achieved this cheaply—but also so insecurely. This reflects the current state of the industry, where everyone is racing to outdo competitors in budget, speed, and features while completely neglecting security and stability.

Take Garmin as another example: https://www.dcrainmaker.com/2025/01/garmin-watches-are-crashing-when-trying-to-start-gps.html.
Or this persistent Windows Update issue: https://www.youtube.com/watch?v=h8ppow5te20
And perhaps the biggest failure yet—the CrowdStrike incident: https://en.wikipedia.org/wiki/2024_CrowdStrike-related_IT_outages.

What do all these examples have in common? A relentless push to move fast and cut costs without investing properly in testing and security processes. Unfortunately, AI has made this situation worse in terms of security and quality.

Businesses rush to integrate AI chat features and provide full access to sensitive data—only to be shocked when data breaches occur. Why spend time and budget on testing when "the AI service has already been tested countless times," right? This flawed mindset has become common.

Why am I talking about this? It's a big problem even for major companies, and we, as tech experts, must continue to prioritize quality and security while balancing business needs. In my next post, I'll share some practical steps you can take to start improving security.

Comments

  1. "We, as tech experts, must continue to prioritize quality and security while balancing business needs." - 100% agree with this statement. It isn't an easy task, but we must do our best. Businesses explicitly include guidance on testing and security in job descriptions, recognizing these elements as critical components, but often neglect advice afterward.
