Piotr Bednarski

AI Engineer (R&D)

I've been running this blog for a while and was never quite sure how to describe it. Not because I don't know what I write about — more because the topics I care about don't fit in one box.

Professionally, I work on AI systems. I try to understand what they actually do. I like looking under the hood — checking what's beneath the layer of abstraction someone carefully prepared for you. I spent a lot of time in cybersecurity, and you learn quickly there that what a system shows on the outside and what it does on the inside are often two different things.

I'm a practitioner, but I don't run from theory. Quite the opposite — practice without theory is just a collection of solutions without understanding why they work. That's why I write just as naturally about pipelines and architectures as I do about things that seem to lie somewhere else entirely.

When I look at economics, I'm interested in mechanisms, not opinions. How resource allocation actually works, where and why the system gets "stuck", whether it can be designed better. I'm a Marxist, but I treat it primarily as an analytical tool — a framework that lets you see things you wouldn't notice without it. I believe a planned economy is feasible at today's technological level. For me, this isn't a political thesis, it's an engineering one.

I also write about less systemic things. About projects I make. About things that irritate me. About observations that don't fit anywhere else.

I don't know if this is a blog about technology, or about society, or something in between. Probably about what happens when someone can't stop asking how things really work.

Latest posts

July 12, 2026

Why I advise against using Hermes Agent

The entire Hermes Agent project is unresponsive, unintuitive, unsafe, vibe-coded — do not entrust it with any confidential information, I advise against buying a subscription or hosting it locally. It is a really poor project.

#hermes#hermes agent#openclaw#nous#vibe coding
June 28, 2026

WinPE as a stateless harness for Windows driver testing and fuzzing

Eliminate the overhead and lack of idempotency of a full Windows system in automated testing. A practical guide to configuring WinPE and QEMU for lightning-fast boot, automating kernel debugging, and avoiding KDNET pitfalls.

#winpe#windows#internals#ci-cd#kernel#nt#qemu
May 30, 2026

Some blog updates and the end of Agitka

I write about the recent updates to this blog and the decision to shut down the 'Agitka' editorial project, reflecting on the challenges and lessons learned from that experience.

#other#story#agitka
March 10, 2026

Security of LLM inference during runtime

I present a practical demonstration of how the integrity of a language model can be compromised during inference by modifying quantized weights in a GGUF file without restarting the server or injecting code. This highlights the importance of considering model storage and memory mapping in LLM security.

#llama#llm#inference#integrity
February 17, 2026

How I found a vulnerability in WP mail?

I write about how I discovered a vulnerability in the Wirtualna Polska (WP) mail service, which allowed me to execute stored XSS in user session. I explain the technical details of the bug, how I exploited it, and the response from WP's security team.

#security#vulnerability#wp#mail