M00DY.SH // independent research notes
Research notes.
Independent notes on security research, model systems, hardware labs, and production infrastructure.
5 published notes
6 active dossiers
SEC ML / hardware / infrastructure
Notebook
2026-05-15 · ML security · fuzzing · formats
The Format That Got It Right
SafeTensors did not survive fuzzing by luck. It survived because the format puts validation before allocation, keeps code out of the file, and treats model loading as an input-parsing problem.
2026-05-11 · ML security · disclosure
Signing Is Not Sealing
Post-quantum signatures are entering supply-chain infrastructure. Any ML artifact signing profile that adopts ML-DSA should get one deployment detail right before it ships: randomized mode opens a 256-bit hidden command channel that no deployed verifier can inspect.
2026-05-08 · ML security · methodology
Two RAG systems, same injection rate, different problems
Two RAG systems with the same headline injection rate can need opposite defenses. Why a single number isn't enough, and what to report instead.
2026-05-01 · ML security · framework
Channel, Decoder, Substrate: A Vocabulary for ML Attacks
An ML attack is the composition of three things: a channel that carries information, a decoder that reads the channel, and a substrate that runs the decoder. Naming the shape changes how you think about both offense and defense.
Signal
Curated reading and monthly digests, populated as I add them. The full Signal page is the working surface; this section will surface latest items once there's something here.