Blog
Articles on privacy-first web tools, browser-native AI, and local-first development.
Bulk Password Breach Checking: The Zero-Knowledge Way to Audit Your Vault
Is your password vault safe? Learn how to audit thousands of passwords for breaches simultaneously using k-anonymity—without ever uploading a single password to a server.
4 min readRemove GPS Data from Photos: Protect Your Location Without Losing Camera Settings
Every photo you take contains a footprint of where you've been. Learn how to surgically remove GPS coordinates from your images while keeping the EXIF data that matters to photographers.
4 min readBreaking the Chain: How to Strip Tracking Parameters from Your Shared Links
Why do links from Instagram and Spotify look so long? Learn how platforms use parameters like igsh and si to track your social graph, and how to clean them instantly in your browser.
3 min readThe Invisible Form Attack: How Your Browser's Autofill Can Leak Sensitive Data
Think you're just filling out a Name and Email? Learn how malicious websites use hidden form fields to steal your home address and phone number through browser autofill.
3 min readBase64 Encoding: A Deep Dive for Developers Who Use It Every Week
Base64 looks simple until it isn't. This guide explains the encoding, the URL-safe variant, why it grows your payload by exactly 33%, and the gotchas that bite when you start moving binary through it.
10 min readBibTeX Hygiene: Why Your .bib File Breaks at the Worst Possible Moment
Bibliographies rot. A clean .bib file at submission becomes a tangled mess of duplicates, missing fields, and inconsistent formatting six months later. Here's how the rot happens and how to keep your references honest.
9 min readDOI, arXiv, PMID, ISBN: A Field Guide to Persistent Citation Identifiers
Every academic identifier has its own format, its own resolver, and its own quirks. This is the practical guide to recognizing them in the wild and pulling them out of messy text.
9 min readMarkdown Tables: When CSV Meets Prose
Markdown tables look simple until you write one by hand. The alignment row, the padding, the quoted fields — none of it is hard, but all of it is tedious. Here's how the format actually works and why a generator pays for itself in five minutes.
9 min readConcordance and KWIC: Corpus Linguistics in a Browser Tab
Concordance views were the original tool of corpus linguistics. They're also the right tool when you want to know how a word is actually used, not just how often it appears. Here's the technique and when to reach for it.
9 min readSobel Edge Detection on the GPU: A WebGPU Worked Example
Edge detection is a textbook image-processing problem with a textbook solution. Implementing it on the GPU in WebGPU is also textbook — but the texts haven't been written yet. Here's the worked example.
9 min readReal-Time Photo Finishing in a Browser Tab: A Multi-Pass WebGPU Pipeline
A photo finisher needs nine sliders to do real work: exposure, contrast, saturation, warmth, gamma, blur, sharpen, vignette, grain. Doing all nine in real time used to require a desktop app. Here's how to do it in a tab.
10 min readImage Histograms and Levels: What Photoshop Has Been Doing Since 1990
The histogram is the single most useful diagnostic in image processing. The levels adjustment is the matching tool that lets you do something about what the histogram tells you. Both finally run in real time in the browser.
10 min readPixel Sort: How Glitch Art Became an Algorithm
Pixel sort is one of the few generative-art techniques with a clean algorithmic statement: sort runs of pixels by some key. The visual signature — smeared streaks broken by sharp untouched regions — comes from one tiny detail: the threshold.
9 min readThe Privacy-First Web: Why Digital Tools Should Respect Your Data
Your data is yours. Learn why privacy-first web tools matter, what they protect, and how to identify tools that truly respect your digital sovereignty versus those that merely claim to.
9 min readHow WebAssembly and ONNX Bring AI to Your Browser
Explore the technical architecture behind client-side AI inference. Learn how WebAssembly and ONNX Runtime enable powerful machine learning models to run entirely in your browser without server dependencies.
10 min readZero-Backend Architecture: What It Means and Why It Matters
Zero-backend applications execute entirely in the browser, eliminating server-side privacy risks. Learn what zero-backend architecture means, how it works technically, and why it represents the future of privacy-conscious software.
11 min readUnderstanding Log Formats: A Developer's Guide
Log formats define how application events are structured and stored. Master the common log formats—nginx, syslog, logfmt, JSON—and learn when to use each for effective debugging and monitoring.
10 min readJWT Security: What Developers Get Wrong
JSON Web Tokens are ubiquitous but often misused. Learn the critical security pitfalls developers encounter with JWT implementation, including signature verification, algorithm confusion attacks, and token storage.
9 min readImage Privacy: Why You Should Never Upload Sensitive Photos
Uploading images to online services exposes sensitive data to third parties. Understand the privacy implications of cloud image processing and why local alternatives protect your data better.
10 min readAI Background Removal Without a Server: How It Works
Discover the technology behind browser-based AI background removal. Learn how U²-Net models and ONNX Runtime enable sophisticated image matting entirely in your browser without server dependencies.
9 min readThe Case for Local-First Tools in the Age of Cloud AI
Cloud AI promises power but sacrifices privacy. Explore the advantages of local-first tools that run AI in your browser—offline capability, no data sharing, and genuine user control.
9 min readWeb Crypto APIs: Secure Encryption in the Browser
The Web Crypto API enables AES encryption, hashing, HMAC, and key generation in browsers. Learn how to use these APIs securely for client-side encryption that protects user data.
9 min readBrowser-Based OCR: Tesseract.js vs Cloud Services
Compare client-side OCR using Tesseract.js with cloud-based alternatives. Learn the accuracy, privacy, and performance trade-offs between running text recognition in your browser versus sending images to remote services.
9 min readWhy Privacy Guarantees Should Be Verifiable, Not Promised
Privacy policies mean nothing if they can't be verified. Learn why verifiable privacy—through architecture, open-source code, and auditability—is essential for tools that handle sensitive data.
10 min readBuilding a Personal Developer Utility Suite with Browser Tools
Create your own toolkit of browser-based developer utilities. Learn how local tools for JSON formatting, regex testing, and JWT decoding can streamline your workflow without sending data to third-party services.
8 min read