# Matt Suiche > Hacker · Founder of OnDB. Personal site of Matt Suiche — security research, AI/ML systems work, and notes from building things. This file follows the llms.txt convention (https://llmstxt.org). Every post is also available as raw Markdown by appending `index.md` to its URL. The full corpus is at /llms-full.txt. ## About - [About Matt Suiche](https://www.msuiche.com/about/): background, current focus, contact ## Posts - [Seeing Sound: Generative Techno and DSP in Pure NumPy](https://www.msuiche.com/posts/seeing-sound-generative-techno-and-dsp-in-pure-numpy/): Building a complete generative techno engine and a reference-track analyzer in pure NumPy — from raw oscillators to 8 arranged-track genre presets. Covers DSP fundamentals, envelopes, LFOs, filters, sidechain, generative patterns, arrangement, reverse-engineering real tracks, and seeing sound as frequency bands. - [From La Fontaine to Lego: Characters as Ideological Delivery Systems](https://www.msuiche.com/posts/from-la-fontaine-to-lego-characters-as-ideological-delivery-systems/): From La Fontaine's animal fables to USAID's Muppets to Iran's GenAI Lego rap videos — the use of characters as ideological delivery systems is centuries old. AI didn't invent the playbook. It made it cheaper, faster, and deeper. - [Local Models Within Reach: Everything That Changed in Eight Months](https://www.msuiche.com/posts/local-models-within-reach-everything-that-changed-in-eight-months/): A follow-up to my August 2025 notes on building agents for small language models. Gemma 4, Qwen3.5 MoE, TurboQuant, MLX, and a memory market correction have quietly made local AI the default option. - [Odd Lots: Cyberwar in the Age of AI](https://www.msuiche.com/posts/odd-lots-cyberwar-in-the-age-of-ai/): Notes from my second appearance on Bloomberg's Odd Lots podcast -- cyberwar, Iran, the AWS datacenter strikes, Anthropic vs. the Pentagon, and why software is going to zero. - [When Machines Pay Machines: The Economics of Agentic AI](https://www.msuiche.com/posts/when-machines-pay-machines-the-economics-of-agentic-ai/) - [Porting CUDA FFT to Mojo: Achieving Bit-Exact Precision](https://www.msuiche.com/posts/porting-cuda-fft-to-mojo-achieving-bit-exact-precision/): Porting a CUDA Fast Fourier Transform implementation to Mojo required deep PTX assembly analysis and understanding floating-point nondeterminism to achieve bit-exact precision matching - [AMD GPU Support in Triton Gluon Framework](https://www.msuiche.com/posts/amd-gpu-support-in-triton-gluon-framework/): Technical analysis of AMD GPU support implementation in Triton's Gluon framework, including architecture-specific optimizations and performance characteristics. - [RustBPE: High-Performance BPE Tokenizer Training in Rust](https://www.msuiche.com/posts/rustbpe-high-performance-bpe-tokenizer-training-in-rust/): Analysis of RustBPE - a Rust implementation of BPE tokenizer training with parallel processing and performance optimizations over Python implementations. - [Optimizing AlphaFold's Triangle Multiplicative Update: A First Look at GPU Performance Engineering](https://www.msuiche.com/posts/optimizing-alphafolds-triangle-multiplicative-update-a-first-look-at-gpu-performance-engineering/): Learning GPU performance engineering through the GPU MODE TriMul challenge - achieving 2.42× speedup on H100 through FP16 optimization, weight fusion, and systematic experimentation. - [Multi-GPU Programming with AMD's Iris Framework for Triton](https://www.msuiche.com/posts/multi-gpu-programming-with-amds-iris-framework-for-triton/) - [Gluon: When Triton Isn't Low-Level Enough](https://www.msuiche.com/posts/gluon-when-triton-isnt-low-level-enough/): After diving deep into PyTorch, Triton, CUDA, and PTX, I discovered Gluon - Triton's answer to the performance gap that even Triton can't always bridge. Here's what I learned. - [CVE-2025-21043: When DNG Opcodes Become Attack Vectors](https://www.msuiche.com/posts/cve-2025-21043-when-dng-opcodes-become-attack-vectors/) - [The Hidden Math Bug That Makes AI Unpredictable](https://www.msuiche.com/posts/the-hidden-math-bug-that-makes-ai-unpredictable/) - [Building Agents for Small Language Models: A Deep Dive into Lightweight AI](https://www.msuiche.com/posts/building-agents-for-small-language-models-a-deep-dive-into-lightweight-ai/): Exploring the architecture, challenges, and implementation patterns for building AI agents with small language models (270M-32B parameters) that can run on consumer hardware - [ELEGANTBOUNCER: When You Can't Get the Samples but Still Need to Catch the Threat](https://www.msuiche.com/posts/elegantbouncer-when-you-cant-get-the-samples-but-still-need-to-catch-the-threat/): The story of how ELEGANTBOUNCER was born from the frustration of not having access to in-the-wild exploit samples, and why structural analysis beats signatures for advanced mobile threats - [Detecting CVE-2025-43300: A Deep Dive into Apple's DNG Processing Vulnerability](https://www.msuiche.com/posts/detecting-cve-2025-43300-a-deep-dive-into-apples-dng-processing-vulnerability/): Technical analysis and detection methodology for CVE-2025-43300, a critical 0-click RCE vulnerability in Apple's DNG image processing - [Bob and Alice in Kernel-land - Part 3](https://www.msuiche.com/posts/bob-and-alice-in-kernel-land-part-3/) - [Bob and Alice in Kernel-land - Part 2](https://www.msuiche.com/posts/bob-and-alice-in-kernel-land-part-2/) - [Financial Forensics in a fragmented ecosystem](https://www.msuiche.com/posts/financial-forensics-in-a-fragmented-ecosystem/) - [Election Security - Friday Review](https://www.msuiche.com/posts/election-security-friday-review/) - [Bob and Alice in Kernel-land](https://www.msuiche.com/posts/bob-and-alice-in-kernel-land/) - [Researching Triangulation: Detecting CVE-2023-41990 with single byte signatures.](https://www.msuiche.com/posts/researching-triangulation-detecting-cve-2023-41990-with-single-byte-signatures./) - [Researching BLASTPASS: Analysing the Apple & Google WebP POC file - Part 2](https://www.msuiche.com/posts/researching-blastpass-analysing-the-apple-google-webp-poc-file-part-2/) - [Researching BLASTPASS: Detecting the exploit inside a WebP file - Part 1](https://www.msuiche.com/posts/researching-blastpass-detecting-the-exploit-inside-a-webp-file-part-1/) - [Researching FORCEDENTRY: Detecting the Exploit With No Samples](https://www.msuiche.com/posts/researching-forcedentry-detecting-the-exploit-with-no-samples/) - [POC 2022 - Korea - Keynote 🦀](https://www.msuiche.com/posts/poc-2022-korea-keynote/) - [Vegas 2022 - A web3 security review](https://www.msuiche.com/posts/vegas-2022-a-web3-security-review/) - [Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies ](https://www.msuiche.com/posts/magnet-forensics-acquires-cybersecurity-software-firm-comae-technologies/) - [SUNBURST & Memory Analysis](https://www.msuiche.com/posts/sunburst-memory-analysis/) - [Azure Sphere Internals - Overview](https://www.msuiche.com/posts/azure-sphere-internals-overview/) - [SMBaloo - Building a RCE exploit for Windows ARM64 (SMBGhost Edition)](https://www.msuiche.com/posts/smbaloo-building-a-rce-exploit-for-windows-arm64-smbghost-edition/) - [Twitter's Information Operations - An OSINT Analysis](https://www.msuiche.com/posts/twitters-information-operations-an-osint-analysis/) - [Facebook's Coordinated Inauthentic Behavior - An OSINT Analysis](https://www.msuiche.com/posts/facebooks-coordinated-inauthentic-behavior-an-osint-analysis/) - [How to Solve the Blindspots of Event-Driven Detection](https://www.msuiche.com/posts/how-to-solve-the-blindspots-of-event-driven-detection/) - [Rethinking Logging for Critical Assets](https://www.msuiche.com/posts/rethinking-logging-for-critical-assets/) - [Smart Contract Languages to Follow](https://www.msuiche.com/posts/smart-contract-languages-to-follow/) - [Porosity: A Decompiler For Blockchain-Based Smart Contracts Bytecode](https://www.msuiche.com/posts/porosity-a-decompiler-for-blockchain-based-smart-contracts-bytecode/) - [Petya.2017 is a wiper not a ransomware](https://www.msuiche.com/posts/petya.2017-is-a-wiper-not-a-ransomware/) - [Petya— Enhanced WannaCry ?](https://www.msuiche.com/posts/petya-enhanced-wannacry/) - [Lessons from TV5Monde 2015 Hack](https://www.msuiche.com/posts/lessons-from-tv5monde-2015-hack/) - [WannaCry — Decrypting files with WanaKiwi + Demos](https://www.msuiche.com/posts/wannacry-decrypting-files-with-wanakiwi--demos/) - [WannaCry — Links to Lazarus Group](https://www.msuiche.com/posts/wannacry-links-to-lazarus-group/) - [WannaCry — New Variants Detected!](https://www.msuiche.com/posts/wannacry-new-variants-detected/) - [WannaCry — The largest ransom-ware infection in History](https://www.msuiche.com/posts/wannacry-the-largest-ransom-ware-infection-in-history/) - [PASSFREELY: Oracle & SWIFT at risk](https://www.msuiche.com/posts/passfreely-oracle-swift-at-risk/) - [ShadowBrokers: The NSA compromised the SWIFT Network](https://www.msuiche.com/posts/shadowbrokers-the-nsa-compromised-the-swift-network/) - [Windows 7 and Windows Server 2008 R2 djoin (Offline Domain Join) utility.](https://www.msuiche.com/posts/windows-7-and-windows-server-2008-r2-djoin-offline-domain-join-utility./) - [Retrieving MmPhysicalMemoryBlock regardless of the NT version](https://www.msuiche.com/posts/retrieving-mmphysicalmemoryblock-regardless-of-the-nt-version/) - [Check your system virginity in less than 60 seconds.](https://www.msuiche.com/posts/check-your-system-virginity-in-less-than-60-seconds./) - [X-Ways Forensics Beta 2 and hibernation file. (coincidence?)](https://www.msuiche.com/posts/x-ways-forensics-beta-2-and-hibernation-file.-coincidence/) ## Other - [Press](https://www.msuiche.com/press/): press coverage and mentions - [Media](https://www.msuiche.com/media/): media appearances and interviews - [RSS feed](https://www.msuiche.com/index.xml) - [Full corpus (Markdown)](https://www.msuiche.com/llms-full.txt)