[{"content":"Hi, I\u0026rsquo;m Ilya, I like computers 🥲\nThat\u0026rsquo;s the short version. The slightly longer one: I\u0026rsquo;ve been pulling apart Linux internals and computer networks since I was a teenager, and somewhere along the way it turned into a career — software, HPC, hardware, ML/AI, with a long detour through fintech at Yandex.\nNow I\u0026rsquo;m CTO and co-founder of iProxy.online. We build enterprise mobile proxy infrastructure for web data, which is a fancy way of saying we run a lot of phones in a lot of places — 100+ countries, 600+ mobile carriers, last I checked. It started as a pet project. I kept doing the parts that felt fun (hiring great people, designing infrastructure, sweating developer experience, market research, project-managing the mess), and the rest, my co-founders and our small team handled with grace. None of this would exist without them.\nOn the side, I run Sintonia Strategy \u0026amp; Technology — a loose circle of hackers and MBA-trained strategists, mostly friends and former colleagues, who occasionally team up when something interesting shows up. No headcount, no roadmap — just good people doing good work together, mostly for the fun of it. A longer-horizon project, and the kind of work I want to still be doing in ten years.\nI have a half-superstitious theory about work: chase the fun problem, not the money. In my experience, money tends to show up afterwards, slightly surprised to find you there.\nI live in Portugal. I\u0026rsquo;m an engineer, an entrepreneur, and — I hope — a decent builder.\nFind me:\nGitHub: @rivik · sintoniastrategy · iproxy-online in/ilya-rusalowski x.com/IlyaRusalowski dev.to/rivik ","permalink":"https://rivik.github.io/about/","summary":"About Ilya Rusalowski","title":"About"},{"content":"This is the first post on the new hub. The hub will collect originals plus reposts from LinkedIn, dev.to, and iproxy. Reposts will set canonicalURL to their source so search engines treat the original as authoritative.\n","permalink":"https://rivik.github.io/hello-world/","summary":"First post on the new hub.","title":"Hello, World"},{"content":"I was afraid of agents yolo-mode for half a year. All my systems backed up, secrets encrypted, credentials scoped (I can\u0026rsquo;t force push from my daily account, etc). But I just can\u0026rsquo;t stand when agent do npm install -g (in a golang repo 😬, when global md says always install tools to proj dir).\nI tried docker, but it is slowing workflow — I have very unusual tooling, from latex and usb devices to qemu-kvm android emulators and incus clusters. Docker is ideal for software development, but too much for research and POCs. Manage whole of this is just moving my vm to docker.\nAgent sandboxing with this tooling is pain. Too restrictive, constantly \u0026ldquo;please allow Unsandboxed, this is impossible if isolated\u0026rdquo;.\nI just need \u0026ldquo;do whatever you want, respect unix permissions (use usb if you can), but don\u0026rsquo;t cross project dir!\u0026rdquo;.\nagent-landlock — small Go wrapper around Claude Code / Codex / Gemini that uses Linux Landlock LSM (kernel 6.2+) to make host filesystem read-only for the agent process, except $PWD and paths you grant explicitly.\nNo containers, no namespaces, no paired UID, no mount tricks. Process-local, kernel cleans up when process exits. Reads still work everywhere your user can read, so LSP, git, USB, GPU, qemu-kvm, host networking all keep working.\nagent-landlock claude agent-landlock codex exec ... agent-landlock gemini agent-landlock run -- pytest -x Forces YOLO flags by default. Persistent grants via agent-landlock grant ~/.avd. Fails closed if Landlock unavailable.\nGolang, MIT — https://github.com/sintoniastrategy/agent-landlock\n","permalink":"https://rivik.github.io/i-was-afraid-of-agents-yolo-mode-for-half-a-year/","summary":"Why I built agent-landlock — a small Go wrapper that uses Linux Landlock LSM to give coding agents YOLO mode without letting them escape the project directory.","title":"I was afraid of agents yolo-mode for half a year"}]