The workshop
These are the systems, tools, experiments, and long-running ideas I keep returning to. Some are operational. Some are prototypes. Others are still being pulled apart until the right shape emerges. The common thread is simple: they solve a problem I care about.
The three projects that best capture how I think: remove unnecessary trust, isolate risk, design for failure, and make the system useful when normal assumptions stop being true.
Precision orchestration. Zero Trust execution. A distributed management system for dispatching signed commands, streaming telemetry, coordinating updates, and managing remote nodes without handing out persistent shells.
Ephemeral File Isolation Terminal. A disposable, USB-booted environment for handling untrusted removable media, unlocking protected files in an isolated Windows VM, scanning with independent engines, and producing a verified clean handoff.
An encrypted, low-bandwidth text network intended to keep useful communication moving when internet and mobile infrastructure are unavailable. The design combines LoRa, store-and-forward routing, local coordination, and a backbone between elevated nodes.
A mix of deployed systems, works in progress, and ideas that have advanced far enough to deserve a name.
A disposable transfer workstation for inspecting files from unknown media without exposing the destination network or relying on a single scanning engine.
A city-scale emergency text network using small radio nodes, phone-held routing context, compact messages, encryption, and elevated backbone relays.
A Zero Trust distributed management system built around signed command manifests, real-time node telemetry, autonomous service recovery, and synchronized binary update streams.
A local inference environment built around llama.cpp and Vulkan, using older high-memory accelerator hardware to run capable models privately without depending on cloud APIs.
A local front end that converts endless subscription feeds into finite, intentional viewing sessions: creator queues, topic queues, and a real ending instead of permanent algorithmic grazing.
The home media and services environment behind crawf.io: virtualisation, storage, reverse proxying, local applications, monitoring, and a growing collection of deliberately self-hosted tools.
A PowerShell-based administration and security toolkit developed to make repetitive Windows systems work more consistent, inspectable, and easier to execute correctly.
A highly instrumented solar, battery, cooling, and load-management setup used to test how a modern home can become cheaper to run, more observable, and more resilient during grid disruption.
A long-form fantasy world built around a dying source of magic, imperial inheritance, competing histories, and a protagonist who stops asking a failing system for permission to change it.
The common method
Internet access, trusted media, admin availability, cloud services, human attention—every system quietly depends on something.
Good controls make the safe path obvious and reserve exceptional access for genuinely exceptional work.
A functioning prototype teaches more than a perfect architecture diagram that has never encountered hardware, users, or time.
The useful output is not just the finished system. It is also the reasoning, mistakes, and patterns that make the next build better.
More to come
Individual project pages will eventually hold architecture notes, build logs, diagrams, downloads, design decisions, and the failures that changed the final system.