Finance on Over the Hedge

You Can't Eat Sharpe

varun@varunhegde.com (Varun Hegde) — Wed, 06 May 2026 20:24:19 -0400

My brain is probably a little messed up from spending my whole career in trading. I don’t mean that it doesn’t work, I just mean that I often find little financial hacks that seem like a good idea at the time because the margins justify it. When I actually go ahead and do the trade, of course, it often becomes clear that I missed something crucial: You Can’t Eat Sharpe. Before we get into the dumb trade that I did, I want to do a bit of a primer on some basic theory that might be helpful.

If you already know what a Sharpe ratio is and you dream (nightmare?) of SOFR when you sleep, skip ahead to Fine Dining for the meat and potatoes

A Primer on the Sharpe Ratio

In 1966, William F. Sharpe wrote a paper on measuring “Mutual Fund Performance”^[1]. Plenty of people had tried this before (after all, the first U.S. based mutual fund started in 1924), but this paper has been cited so many times that it’s worth visiting even just to understand history.

The key idea that Sharpe explored is that comparing equity mutual funds of the 1960s was comparing apples to oranges. Technically all mutual funds are fruit, but there’s no guarantee that two portfolio managers have the same properties.

This creates a problem:

Ivan the Investor wants to invest in the best investment. He wants to make the most money possible, but he’s also scared of taking too much risk and losing the money he has scrimped to save
Ivan can invest his whole account in one of two funds, the Apple Always Allocation Fund (AAA) and the Buy Beanie Babies Fund (BBB)
assume the AAA fund returns roughly 10% per year, with 16% expected annual standard deviation
assume the BBB fund returns roughly 40% per year with 100% expected annual standard deviation
assume AAA and BBB are completely uncorrelated^[2]

Which fund does Ivan pick?

As it stands, the return maximizer with infinite holding horizon is of course going to pick the higher return despite the higher volatility - 40% per year sounds a lot better than only 10% per year. So BBB is the pick.

Which fund SHOULD Ivan pick?

In the real world, you can borrow money. In Sharpe’s idealized world, you get to borrow at the magical risk free rate. If you live in the United States, you can achieve something of a risk free rate by borrowing at the Securited Overnight Financing Rate (SOFR)^[3]. The point is that various repo counterparties borrowed/lent $3.15T overnight on May 5th at roughly 3.62% annualized (i.e. pay $1/day to borrow $10000). We’ll use this rate for our example but in reality you’ll probably pay some spread to SOFR.

Now which fund does Ivan pick? Let’s run through each of the 3 scenarios below

	Fund AAA	Fund BBB	Fund AAA x6.25
fund % return	10%	40%	10%
fund % volatility	16%	100%	16%
starting equity	$100	$100	$100
leverage ratio	1.00	1.00	6.25
assets	$100	$100	$625
debt	$0	$0	$525
SOFR	3.62%	3.62%	3.62%
interest cost	$0.00	$0.00	$19.01
gross $return	$10.00	$40.00	$62.50
net $return	$10.00	$40.00	$43.50
investor % return	10%	40%	43.50%
investor % volatility	16%	100%	100%
sharpe ratio	0.435	0.4	0.435

If Ivan just does Fund AAA or Fund BBB, he makes the same amount of money as expected ($10 on a $100 investment, or $40 on a $1000 investment).

On the other hand, if he lever up fund AAA by borrowing $525 for every $100 invested, he can eke out extra return just for paying a little bit of interest. By borrowing money, he also increases his risk - the same 16% volatility on $625 in assets is now $100 in volatility (or 100% of the initial investment).

The best part is that you don’t need to walk through this contrived example comparing the S&P 500 to spot Bitcoin (oops sorry I meant fund AAA and BBB) to be able to apply Sharpe’s work to other investments. You can simply compute the expected return minus the risk free financing rate and divide by expected risk. That number gives you a useful heuristic clean of the holy “risk adjusted return” that everybody on X seems to rave about.

A brief aside on leverage and risk managment

This is not investment advice. I happen to work somewhere where we do investing, but none of the views or opinions expressed here represent the views of my employer. These are solely my own opinions. I’d also broadly say that getting any kind of information from the internet is a bad idea. This is true if you’re going to commit your own capital to it, and even more true if you’re going to commit somebody else’s capital to it.

You may have noticed in the preceding example that Ivan levered up to 6.25x. For almost all traders, this is mostly a very bad idea because of margin calls and a magnified bankruptcy risk. Don’t do this.

The Fine Dining Experience

Now that we’re all roughly acquainted with how leverage can allow you to pick the better risk-adjusted investment we can get into why maximizing risk adjusted returns actually can’t be your only criteria.

I had the bright idea in February ‘24 to participate in a Tax Lien auction. The rough trade idea is very simple. People own property. Local governments in the United States levy property taxes on said property to pay for services that private property owners tend to benefit from (public roads for their cars, public schools for their children, hospitals, human services, etc.). Often times, property owners forget to pay their property taxes. Bidding on a tax lien certificate is effectively bidding on the right to collect the homeowners property taxes from them plus some penalty and some interest. You basically are fronting them the cash for their property taxes until they can pay it.

90% of the time, the owner has forgotten to pay and they pay the penalty and move on within a week.
8% of the time, they choose not to pay. You have to send them a letter and they pay the penalty and some interest within a month.
1.5% of the time, they can’t afford to pay because of circumstances in their control. For example, they bought a $2M house and then bought a Lambo the next month. This usually takes a while to resolve
0.5% of the time, there are unavoidable circumstances. Who am I to judge?^[4]

There’s relatively low (zero?) risk of this overcollateralized financial instrument (loan?) resulting in a loss, and the returns are generally decent (benchmark 6-7% annual coupon rate). Also the duration risk is relatively low given that most trades complete within a month or two and even the extended ones last max 2y.

This is exactly the kind of high Sharpe trade that should be massively levered, right?

This is where Sharpe isn’t the only metric that really matters at the end of the day

A Real Example

Below are the cashflows associated with the real auction that I did back in 2024. The IRR of almost 15% on fully collateralized notes with super-senior lien status is just absolutely mouthwatering. It’s also such a weirdly niche corner of finance that you don’t have a lot of institutional competitors crowding you out.

Date	Cash Flow
3/26/2024	$ (1,480)
3/26/2024	$ (1,900)
3/26/2024	$ (1,913)
3/26/2024	$ (1,190)
3/26/2024	$ (1,679)
5/1/2025	$ 2,373
10/17/2024	$ 1,628
4/11/2024	$ 2,104
3/31/2026	$ 1,368
3/24/2026	$ 1,930
IRR	14.5%

The main risk here is that the tax payer decides to never pay back and you need to foreclose and the lawyer fees are worth more than the house that needs foreclosure. As it turns out, all of these properties were worth more than 100x the lien, so that’s an unlikely issue.

On paper this is a sweet deal. It’s like picking up Sacagaweas off the floor in front of a steamroller except the steamroller is out of gas. I had fewer white hairs in my beard back then.

What’s the Problem?

You probably noticed that I only made $1241 after committing $8162 in capital for almost 2 years. Considering I financed 100% of this at SOFR, I basically clipped an IRR of 11.5% FOR FREE. Why not do this ad inifitum to make infinite money?

Turns out that high Sharpe just means that you have a capital efficient trade. The big problem with this investment is that the total market issuance is only about $25B a year across the continental United States. That’s every single municipality in the country. My $8k was only 0.5% of the bids in the auction I participated in. I won’t get into my pricing algorithm for placing bids, but it does mean that if I was looking to make meaningful money (call it $1M), that I would need to commit to bidding in 100+ municipalities with similar scale, or pricing tighter so I capture more of the auction (and reduce my implied yield to maturity).

It’s really really painful to navigate around even one township’s rules and regulations surrounding tax lien certificates. Don’t even get me started on expanding to hundreds.

Parting Thoughts

This could be an interesting trade for somebody that is willing to manage a whole portfolio of certs. If anybody has experience with similar-ish instruments feel free to reach out, I’m always interested to learn more and hear war stories.

Footnotes

[1] - The Journal of Business, Vol. 39, No. 1, Part 2: Supplement on Security Prices, pp. 119-138 JSTOR 2351741

[2] - ask Tyler Given if there’s a spurious correlation between Apple, Inc. and Beanie Babies

[3] - I won’t go into the mechanics of how you can put on this trade, it’s not important. Maybe for a future piece

[4] - these are the folks that I actually feel for. It can be a very harrowing experience and often times paying your property taxes is the last thing that gets dropped

I Was the Spam All Along

varun@varunhegde.com (Varun Hegde) — Sun, 19 Apr 2026 20:58:26 -0400

This one is just going to be a short follow up on A Quick Business Discussion. You might be wondering if I ended up running the model in production. I did.

Initially, I started running the filter every 15 minutes, for any message sent in the last 7 days. If you’re familiar with low-bandwidth, low-cost IMAP servers, you might already see where this is about to go wrong.

We got an e-mail that was immediately classifed as spam…

Immediate Action Required: Suspicious Download Activity Detected on Your Titan Account

I am writing to address a matter concerning an unusual surge in downloads amounting to 58.3 GB in last 7 days originating from ****@j****e.com Titan account setup on a third-party email client. Unfortunately, this activity is categorized as suspicious behavior and signifies an unfair utilization of our account resources.

I followed up and gave the tech team a little more information. It wasn’t a scam or a botnet, it was just my naive filter re-downloading what must have been a very large file sent in the last week. They replied with the following:

Yes, continuously scanning emails from the last week every 15 minutes would result in a high volume of downloads, which aligns with the activity we observed.

Limiting the scope (e.g., only unread emails from the last 24 hours) would be a more reasonable approach.

First off, the Titan opsec teams are so nice. I started my career in a place where the default response to something this dumb would not be so nice. So kudos to Titan.

Second off, the fix is so darn simple that all you had to do was check the log file (that was 100s of MB long when printing every e-mail subject) to understand what was going on.

Actually, this reminds of a similar story involving Tibco Rendezvous multicasts.

A brief detour on DOS-ing systems

I might be butchering the story, but I heard it almost 10 years ago so cut me some slack.

A friend needed to ack messages recieved over a Tibco RendezVouz (TibRV) multicast because something wasn’t working. The ack was very simple: if recieve message, send “yo yo yo, this is ______”. The modern day equivalent of this is testing a full-duplex websocket by sending keep-alive messages.Should work. The problem is that said acking code was also listening to the same channel, so every recieved ack created another one in an infinite loop of UDP packets. UDP on the corporate intranet sure is speedy. So this causes massive bottleneck on the multicast channels and inevitably brings down multiple hosts. When the production support engineers go to check the logs to figure out what happened, they find “yo yo yo, this is ______”.^[1]

Back to E-mail

As I said, the fix was so darn simple. The following IMAP query:

since = dt.date.today()

“SEARCH”, f’(SENTSINCE {since.strftime("%d-%b-%Y")})'

Needed to become a slightly more restrictive one:

since = dt.date.today() - rdate(days=7)

“SEARCH”, f’(UNSEEN SENTSINCE {since.strftime("%d-%b-%Y")})'

And voila, running every 15 minutes has stopped causing an issue! Until the next time that maybe we get an insanely large e-mail

footnotes

[1] - I promise this really wasn’t me, but also it’s a mentor that I respect a lot. Real engineering starts and ends with print statements so often and it’s fun to know that your mentors are human too

A Quick Business Discussion

varun@varunhegde.com (Varun Hegde) — Sat, 17 Jan 2026 15:29:37 -0500

Some of you might know that my fiancée is a small business owner on top of the many hats that she wears. Today’s post is about a small part of that experience that I’m familiar with. Read along to learn something about how basic spam e-mail classification models are built and how you too can make a startup that replaces Google, get acquired, then get shut down after securing your bag.

If you’ve ever worked with a small business that doesn’t have Gmail set up to host its e-mail services, you’ll know the struggle of hundreds of e-mails from totally anonymous people fishing for who knows what.

If you haven’t had this experience, imagine that you’re really excited to receive client inquiries for custom dresses and sizing. Unfortunately, 25% of the e-mails you get are complete spam. These solicitors tend to be completely harmless, but boy are they annoying. Here’s an example:

from: SHOPIFY EXPERT ahmedi*************@gmail.com^[1]

subject:

content: If I could help your store achieve 8–10 consistent revenue daily without relying heavily on paid ads, would you be available to a brief walkthrough of the exact system that’s already generating results for other stores?

At first read, 8-10 incremental daily sales without relying on paid ads would be amazing! How much would you normally pay for that? And this guy would do this for us with no guarantees?! Amazing, sign me up. I don’t know what game they’re actually playing because I’ve never responded, but it reeks of SCAM

Gmail tends to do a pretty decent job of filtering out real spam. Unfortunately, the solicitors tend to also format their e-mails in ways that don’t look entirely like spam and might even be a reasonable outreach attempt (if I didn’t know better). Gmail is also EXPENSIVE. Now you might say, “but Varun Gmail is so cheap it’s only $20/month,” but when you’re bootstraping you make little sacrifies on quality of life issues^[2] because literally every dollar counts and can be used effectively for other things. For example, properly tuned outreach ads can cost $0.01 to $0.03 per view.

As the good little fiancé I am, I decided to use ~~basic logic~~ ~~statistics~~ ~~classification~~ ~~MACHINE LEARNING~~ ✨AI✨ to filter out spam intelligently.

the process

People explore and process data in so many different ways. I always find it helpful to understand how people planned their research before they start. Here’s mine:

Define the problem. Identify possible solutions
Find and archive the relevant data
Explore data to see if any patterns or features stick out
Decide on a model
Train the model
Test the model
Time for production, baby

some disclaimers

you can skip the next section and go right to results if you don’t care too much for the actual machine learning aspects.
If you think that I’m going to explore state of the art ✨AI✨, then I’m sorry to burst your bubble. I’m sure there are people out there that are using ✨AI✨ to solve the spam problem. They’re probably much smarter than me, and also they probably have a budget that eclipses the national GDP of Tuvalu. My budget is exactly $0, not including the cost to purchase and power overkill home build PC. I might write about the saga of my computer some day, but suffice to say I bought it in college from a buddy and I’ve made substantial improvements over time. Somehow I’m still not putting it through it’s paces though.

Okay, now onto the actual work!

defining the problem and solution

Spam is annoying. Every spam e-mail wastes brainspace and bothers us. It distracts from doing real productive things. To deal with the spam, we can either ignore all notifications or manually review each message to classify them and delete those considered to be spam.

OR, I can apply some ~~✨AI✨~~ ~~MACHINE LEARNING~~ statistical classification algorithms and basic logic to realize the Pareto Principle automatically. A successful outcome would be a model that can screen each received e-mail for spamminess and sucessfully decide between “spam” and “not spam.” Of course, since we’re receiving client e-mails too, it would be far worse for our model to mistakenly classify a client e-mail as spam than for the model to classiy a spam e-mail as ham. We need to make sure that our errors are biased towards false negatives (Type II) instead of false positives (Type I).

getting data (corpus?^[3] )

Our raw data is e-mails. I have no interest in manually scraping, so I’ll use Python’s convenience IMAP client libraries to fetch raw data. I have my own wrapper implementations that make this kind of scraping easier, but you can fetch data however you like. For example, I’ve heard that the Enron e-mail corpus is a freely available database of 600k e-mails. Apparently it’s difficult to get access to this kind of private e-mail data unless you’re Google, so this could be interesting to you.

click to expand and display the IMAP download sequence

 messages = {
 'spam': [],
 'ham': []
 }

 with mail.IMAPClient(mail.IMAP_SERVER, mail.IMAP_PORT, user, password) as client:
 client.client.select('inbox')

 typ, data = client.client.search(None, 'ALL')
 email_ids = data[0].split()

 print(f"found {len(email_ids)} emails.")

 for num in tqdm.tqdm(email_ids, 'fetching emails!'):
 typ, data = client.client.fetch(num, '(RFC822)')
 for response_part in data:
 if isinstance(response_part, tuple):
 msg = email.message_from_bytes(response_part[1])
 messages['ham'].append(msg)

 with mail.IMAPClient(mail.IMAP_SERVER, mail.IMAP_PORT, user, password) as client:
 client.client.select('spam_training')

 typ, data = client.client.search(None, 'ALL')
 email_ids = data[0].split()

 print(f"found {len(email_ids)} emails.")

 for num in tqdm.tqdm(email_ids, 'fetching emails!'):
 typ, data = client.client.fetch(num, '(RFC822)')
 for response_part in data:
 if isinstance(response_part, tuple):
 msg = email.message_from_bytes(response_part[1])
 messages['spam'].append(msg)

The basic fetching algorithm that I use is to download every e-mail from the main inbox and a folder named spam_training.

Then I extract the message body and the non-body items in the message (i.e. all of the e-mail headers). You might notice in stats below that the total e-mail counts are less than 1,000. Since I was only able to manually classify a couple hundred e-mails before my fingers fell off, I constrained the non-spam content to random sample of the e-mails to get close-ish to matching the number of e-mails that I classified. In doing this, I create a more “balanced” dataset that allows stastical machine learning algorithms to focus in on the gap between non-spam and spam classes. If we used the full dataset, there would be far more real e-mails than spam e-mails and our models would need to learn on a very limited dataset.

At this point, I have a pandas DataFrame where every e-mail header is a column and the e-mail body a column with NLTK stopwords excluded. Time to do some explorin'

click for the code for cleaning documents into a pandas DataFrame

 rows = []
 for m in messages['ham']:
 row = dict(m.items())
 row['body'] = mail.get_body_robust(m)
 row['is_spam'] = False
 rows.append(row)

 for m in messages['spam']:
 row = dict(m.items())
 row['body'] = mail.get_body_robust(m)
 row['is_spam'] = True
 rows.append(row)

 df = pdut.clean_cols(pd.DataFrame(rows).dropna(how='all', axis=1))
 stop_words = spam.get_stopwords('english')
 df['clean_body'] = df['body'].apply(clean_text, stop_words=stop_words)
 df['doc'] = df[['clean_body', 'subject']].apply(lambda x: json.dumps(x.to_json()), axis=1)

exploratory data analysis

I’m a bit opinionated when it comes to statistics. I think a little subject matter expertise goes a long way in finding predictive features. If you’re not personally an expert, then that’s fine, just go on social media and try to find one to learn from for a bit. You can use that expertise and learning to explore the data without wasting a lot of time.

Fortunately, I have personal experience seeing the spam that Jessie receives. There’s some patterns that jump out.

1. subject line

First, I kept seeing e-mails with no subject. Weird.

If I look at the actual distribution of spam v. non-spam e-mails, you can see that 65% (88 / (88 +134)) of the spam has no subject. If we can find a way to identify empty subject e-mails that are spam, we’ll remove more than half of the spam. Conveniently, only 0.65% (88 / (88 +134)) of the non-spam has no subject^[4]. This means we can pretty confidently say “if the e-mail has no subject, it’s spam.” Silly spammers, making this too easy, I don’t even need to whip out the ✨AI✨ yet.

	not spam	is spam
has subj	764	134
empty subj	5	88

2. from address

Second, I notice that most of the spam comes from new gmail.com addresses. Using the same lens as the empty subject exploration, 95% of the spam comes from an email ending in @gmail.com. If we can find a way to identify gmail addresses that are spammers, we’ll remove 95% of the spam. Unfortunately, while most spam is from Gmail, many Gmail e-mails (32%, or 97 out of the total 97 + 210 Gmail) are decidely NOT spam. Many of these are e-mails from me to Jessie, so I hope she doesn’t think I’m spam!

	not spam	is spam
not Gmail	672	12
is Gmail	97	210

Third, I vaguely noticed that a lot of these spam e-mails use the same rough vocabulary. Why? Maybe because there’s a video out there called Cold Calling For Beginners: A Step-by-Step Guide to Book Sales Meetings, or because there are more people selling cold calling courses than there are cold calls to make? Don’t even get me started on how there are 10x more courses on how to get started in profitable real estate flipping than there are actual opportunities to profitably flip a house.

My personal angst at telemarketers (and now e-mail marketers) aside, the point is that the vocabulary that they use is drab, rehearsed, copy-pasted, automated, etc. It’s certainly not ✨AI✨ generated using the state of the art LLMs. I suspect this is because if the e-mail were too good then they would attract a higher proportion of qualified leads and these spammers mostly make money on the UN-qualified leads (i.e. how the Nigerian prince scam works. I’ll probably write about this sometime). Ok back to the topic at hand: if you make a wordcloud of what is in the e-mails I classify as spam, it’s immediately clear that there really are a lot of repeats.

It looks like somebody is telling spammers to jumble together a mix of “conversion”, “product”, “sale”, “store”, “traffic”, “partnership”, “customer”, and “result”. I really hope that the spammers aren’t paying for a course to learn how to do this.

4. “quick question for you, varunhegde.com”

I swear ✨AI✨ is either going to make spamming way easier or way way dumber. If you noticed in the wordcloud above, the spammers just love to say “jessiereneenyc” all over the place. When you read the actual e-mails, it looks something like this:

Hi Jessiereneenyc, Out of curiosity, are most of your sales coming from returning customers, or are you focusing on bringing in new visitors right now?

No normal person writes an e-mail like this I hope. The data confirms this too:

	not spam	is spam
baseline	611	65
“jessiereneenyc”	158	157

constructing features

Ok, after all this, we have 4-ish feature ideas. My gut ranks them like so:

empty subject –> almost definitely spam
uses the exact text “jessiereneenyc” –> almost definitely spam
generic vocabulary matching probably implies spam
from a Gmail address –> often spam, also encompasses most of the spam

features 1, 2, and 4 are easy features to build, here’s the code:

 feats['no_subject'] = (feats['subject'].str.len() == 0).astype(int)
 feats['has_jessiereneenyc'] = (feats['clean_body'].str.contains('jessiereneenyc') |
 feats['subject'].str.lower().str.contains('jessiereneenyc')).astype(int)
 feats['is_gmail'] = feats['from'].str.contains('@gmail.com').astype(int)

feature 3 is a little harder, and we’ll rely on proper machine learning techniques to build it. Since we know that the feature should basically map to “similarity to spammy e-mail vocabulary”, if we can construct a generic model for spammy vocabulary we’re in a great spot. Fortunately, some very smart people have developed lots of really impressive models to do exactly this.

I’ll use a technique called Term Frequency-Inverse Document Frequency (TF-IDF) Vectorization to transform each e-mail’s content into a vector that represents how frequently each word in each e-mail is used. The “term-frequency” (TF) of a word in a document is just the relative frequency of that term in that document. In layman’s terms TF for “apple” is computed by counting all the times “apple” is in a document and then dividing by the number of words in the document. Inverse document frequency (IDF) is how common a word is across all of the documnets in the provided dataset. Again using the “apple” example, divide the total number of documents by the number of documents that “apple” shows up in at least once. Take the log of that number. TF-IDF then is just the TF x IDF for a specific word.

All of this math seems onerous, but again, smarter minds have done the hard work for me. sci-kit-learn in Python has an implementation called TfidfVectorizer that will generate a matrix of tf-idf terms for a specific set of documents. One line of code!

 vectorizer = TfidfVectorizer(max_features=500)
 tfidf_feats = vectorizer.fit_transform(feats['doc'])

training and testing the model

I now have some heuristic understanding, some labelled data, basic features, some fancier features. I can finally train a model!

WRONG, I have to pick which ones to try first. There are so many to choose from, but if you follow the handy dandy guide that sci-kit-learn provides you don’t even need to know the pros and cons of the various ones!

If you follow the flow chart:

I have more than 50 samples (N=~900, maybe I’ll pull in more e-mails if I get bored)
I am predicting a category (spam or ham)
I do have labeled data
I have less than 100k samples (no SGD or kernel approximation for me)
the data includes text-based features

What that leaves behind is Naive Bayes classifiers. I’ll use a Multinomial Bayes model because the features are all binomial (my special features) or multinomial (tf-idf feats) by definition all effectively take on counts or frequencies.

 X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2, random_state=42)
 other_feats = ['no_subject', 'has_jessiereneenyc', 'is_gmail']
 if len(other_feats):
 X = sp.hstack([tfidf_feats, sp.csr_array(feats[other_feats])])
 else:
 X = tfidf_feats

 y = feats['is_spam'].astype(int)

 model = MultinomialNB()
 model.fit(X_train, y_train)


 feats['is_spam_pred'] = pd.Series(model.predict(X), index=df.index).astype(bool)
 y_pred = feats.loc[y_test.index, 'is_spam_pred']

results

	Training		Testing
	Not Spam	Is Spam	Not Spam	Is Spam
Not Predicted	599	18	149	3
Predicted Spam	7	168	2	45
Accuracy	96.8%		97.5%
Precision	90.3%		93.8%
F1 Score	93.1%		94.7%

I trained the model on 80% of the data and then tested against the remaining 20%. Unlike in the hedge fund world, I don’t need to worry too much about forward looking bias: the spammers are hopefully not changing their methods over time to extract alpha from the spam market.

The results speak for themselves:

I can correctly guess spam v. ham 97.5% of the time OUT OF SAMPLE
I mistakenly classify 6% of true spam as ham: that’s not so bad
I mistakenly classify 1.3% of true ham as spam.

Importantly, the false positive rate is pretty low at 1%. Do you think a person that has to sort through 200 e-mails will miss more than 2 e-mails becuase they have to wade through 50 spam e-mails?

Now, that same person only has to review 148 e-mails and they can be 98% confident that they’re not missing anything important.

running in production?

My rinky dink spam detection model trained on a random sample of 992 e-mails classifies does a relatively phenomenal job for a short Friday evening hacknight. Probably took me longer to write this post than it did to do the analysis.

Now all I need to do is scrape together a service that iteratively moves high probability spam e-mails into a “likely-spam” folder and then continuing to retrain over time with new data.

footnotes

[1] - I’m actually censoring the e-mail here so that they don’t find out I’m making fun of them in case they’re malicious. Ironically, it also prevents them from receiving spam from scraper bots in return.

[2] - Jessie, if you’re reading this, I know you plan to get Gmail set up as soon as it makes sense :)

[3] - this is such a fun word. so domain specific but it does make me feel real fancy to use it. I knew the SAT would come in handy some day

[4] - If I actually go to check those e-mails they actually are spam too, I’m just too lazy to reclassify them.

The dark web 101: what it is, how it works, and why people use it

varun@varunhegde.com (Varun Hegde) — Fri, 07 Nov 2025 21:37:09 -0500

Interesting fun fact, the internet only connects about 5.5 billion people as of 2024. Not surprisingly, most of these people live in developed countries as you can see in the animation below from the United Nations.

There are infinite ways to classify the internet, but I think that the most mysterious one is the breakdown of clearnet, deepweb, and darkweb. Most people that are aware of the distinction between those three terms don’t get too hot and bothered about the darkweb or the deepweb, but to the layman, the darkweb sounds like a scary place where you can only find spooky and unsavory things. I’ve always had a fascination with tech so I thought I’d do some research myself to understand things a little better.

Unfortunately, to truly understand the dark web you also kind of need to understand the basics of what makes the regular old internet tick. If you’re already familiar with the basic then you can skip ahead to Some Definitions

The Modern Internet

A Flash of Light as the Birth of the Web

Before the mushroom clouds in the Oppenheimer movie were a twinkle in Christopher Nolan’s eye, there was the real Oppenheimer. He’s famous for his quotes, one of my favorites being: “We knew the world would not be the same. A few people laughed, a few people cried.” No one at the time could have imagined that the nuclear bomb would spark a mad race to prevent further destruction which resulted in the internet.

In the 1960s, the United States Air Force was trying to improve its ability to ensure mutually assured destruction (MAD). My seventh-grade history teacher loved that term for all the right reasons. MAD was the big idea to prevent future nuclear conflict. It all boiled down to the most basic of human fears: if you nuke us, we nuke you. Simple game theory says that the stable equilibrium is no nuclear launches as long as both sides can still communicate and coordinate a retaliatory strike.

To guarantee that communication, the military needed systems that could survive jamming, attacks, and partial blackouts. These systems needed to send messages over long distances without relying on a direct connection.

Enter packet switching: the foundation of the modern internet.

Packet Switching, ARPANET, and TCP/IP

The core issue with point-to-point communication systems is that we want to send arbitrarily long messages over an unreliable messaging medium (all of them are, to some extent). For the sake of argument, let’s say that you’re trying to send a message cross country. It’s critically important that the message arrive and you don’t want to take any chances that your recipient misses even a piece.

You could send messages over radio in their entirety or encoded/encrypted messages over morse code or telegram, but intermittent connection mean data loss.

Packet switching is the idea that you can chunk messages into fixed packets of information that are transmitted over an arbitrary network medium. The packet need only contain enough information to identify the start of the message, the address, sender, and an id for ordering parts of, the piece of the message, and lastly a little piece to identify the end of the message. This way, instead of needing to be able to send the whole message from point A to point B, you can reliably transport most of it in pieces and just have the recipient re-request for any missing pieces. You can see a sample of a data packet here:

If you break a message into 100 packets and your network drops 10%, you just resend the missing packets until the recipient has all of them. All you need is a network of computers willing to relay packets. The first such network was ARPANET, created by DARPA. ARPANET didn’t initially support lost packet recovery - if the network failed to deliver, the sender and receiver simply got stuck waiting.

To fix this, early developers created a protocol that sits on top of the network called Transmission Control Protocol/Internet Protocol (TCP/IP). This protocol had roughly 4 ground rules:

Each distinct sub-network in the broader network could/should stand on its own. No overarching network could impose requirements for other networks to connect.
Communications (i.e. packets) would be forwarded on a best efforts basis. If a packet didn’t make it to the final destination, it would be up to the packet source to retransmit.
Intermediate connection points would store no information about the individual flows of packets to keep them simpler and low latency
No global authority would/could own the network

They also needed to handle the following issues:

Algorithms to prevent lost packets from permanently disabling communications and enabling them to be successfully retransmitted from the source.
Providing for host-to-host “pipelining” so that multiple packets could be enroute from source to destination at the discretion of the participating hosts, if the intermediate networks allowed it.
Gateway functions to allow it to forward packets appropriately. This included interpreting IP headers for routing, handling interfaces, breaking packets into smaller pieces if necessary, etc.
The need for end-end checksums, reassembly of packets from fragments and detection of duplicates, if any.
The need for global addressing
Techniques for host-to-host flow control.
Interfacing with the various operating systems
There were also other concerns, such as implementation efficiency, internetwork performance, but these were secondary considerations at first.

HTTP/HTTPS

There’s a fundamental issue with sending TCP/IP packets: packet contents are cleartext. Anyone along the route can read them, like passing a note to your crush through a classroom and every kid opens it on the way.

What we need is some way for the messages to be hidden from prying eyes but for the correct recipient to be able to read the message without anybody else reading it. Enter encryption. Cryptography is a field that is far too deep to even start with a 101 in this post, but maybe I’ll get into it another time. For now, it suffices to say that there is a protocol called Hypertext Transfer Protocol (HTTP) which sends data between two communicating services, which can be encrypted using Transport Layer Security (TLS). This encrypted variant of HTTP is called HTTPS (HTTP Secured).

Summary

The modern internet is a stack of different protocols:

Physical - the actual wires connecting computers
Data link - allows sending “frames” of data
Network - layerleyer that coordinates sending packets across a network, including addressing, routing, and traffic control
Transport (TCP, UDP)
Session - managing continuous streams of data between two clients
Presentation - encoding, compression, encryption/decryption
Application (HTTP, HTTPS, FTP, FTPS, SFTP, SMTP) - high level protocols that coordinate how to actually exchange data

These layers enable encrypted communicatino over unreliable networks. Fleshing out the summary here into more details would be a literal textbook, so I won’t go into more details ARPANET, TCP/IP, HTTP, SSL, or TLS. If you’re interested you can follow A Brief History of the Internet and all the online resources like the OSI Model overview on Wikipedia that describe the modern web stack. Those articles have much better technical writers than I and have included more detail than I’ll ever be able to address.

With the basics covered, we can define the terms from the introduction.

Some Definitions

clearnet, surface web - the shallowest layer of the internet. Sites that are accessible by the broad public with limited anonymity or barriers to entry. For example, public Twitter, the NYTimes, Reddit, etc. You can confidently send messages to and receive message from clearnet sites, but you can’t guarantee that the communication is encrypted or anonymous. Snoops can figure out who the communicating parties are pretty easily by monitoring packet traffic.
deep web - hidden and unindexed websites. You can’t just find these by searching Google or you may need to log in to even know they exist. This includes banking websites and pages hidden behind paywalls
dark web - web sites and services which are unindexed, and inaccessible except by special encryption schemes that statistically guarantee the user and service’s anonymity and security against the most basic attack vectors.

Who Needs the Darkweb?

Even though the modern internet stack using HTTPS hides message contents, it does not hide WHO is communicating. To normal people, this is no big deal. This could literally be life or death for:

Political dissidents: try being a Russian critic of Putin or a Chinese critic of the CCP. These folks could use a way to communicate and share information without anybody knowing that they’re communicating
Journalists: need to be able to communicate with sources securely (provided by HTTPS) AND ANONYMOUSLY
Whistleblowers: they’ll need to communicate anonymously with tip off points
Criminals: probably obvious why they would want to communicate anonymously
People looking to prevent digital advertisers from tracking them
People that want to support better privacy for all internet users

The dark web solves this problem by introducing a statistically anonymous communication protocol.

The Onion Router

If you’re any of the above cateogries, you might want to use onion routing.

The protocol is pretty simple. Instead of sending messages directly from sender to recipient, packets are routed in a secure layer from sender to intermediary 1, then intermediary 2, then to intermediary 3 and finally to the receipient.

To guarantee anonymity of the sender and recipient, the original message is wrapped in encrypted envelops in multiple layers. If intermediaries pass enough messages, there is a statistically low probability that somebody watching messages passed through the network could back out the original sender and intended recipient. That snoop would need to be watching a large portion of the network simultaneously.

Palo Alto Networks has a pretty good overview of TOR. The procedure is roughly as follows:

A user builds a TOR circuit by selecting three nodes to relay messages and obtains a shared public encryption key from each of them. Let’s call them N1, N2, and N3
The user encrypts the private message that she wants to send in three layers. Let’s say encryption of a message M with public key i is denoted by fi(M). The user sends a message M1 that looks like f1(f2(f3(M))) to relay node N1.
node 1 decrypts the wrapped message into the internal message. it reads that the next node in sequence is N2. node 1 forwards the contents of the message M1 to N2.
node 2 decrypts the wrapped message into the internal message. it reads that the next node in sequence is N3. node 2 forwards the contents of the message M2 to N3.
node 3 decrypts the wrapped message into the internal message. it reads that the next node in sequence is the intended recipient (R). node 3 forwards the contents of M2 to recipient R.
the recipient receives the message and decrypts it. Recipient now has the option to reply and each relay node can rewrap messages at each step of the way to send messages back

What’s great about this is that at each step, the sender only knows the alias for the service, and each relay only knows about their immediate neighbors in the message. Even better, the receiver knows nothing about the sender except the contents of the message, and the sender knows nothing about the receiver except the alias of the service and the responses that they send.

Let’s assume now that there is some globally omniscient observer that can view every connection and every message in and out of every network node.

If the communicators use TOR, then it becomes impossible for said observer to correlate the first wrapped message with the final message sent to the receiver unless the observer can control all of the relay nodes.

Operational Security (OpSec) Considerations

Before we start, you might ask: why do I need this? Presumably you want to avoid letting bad actors (read: Facebook? OpenAI? Hostile governments?) surveil you. You also want to avoid exposing yourself to attacks and theft.

There are people that write multiple textbooks on the topic of opsec. I can’t possibly cover enough to save you from yourself, and frankly I bet I don’t know enough to protect myself 100% (does anybody really?). With that caveat in mind, read the below posts to maintain your safety when browing the dark web. As it turns out, these tips also are applicable to the regular web.

You should start with reading the basics on this GitHub gist and this Reddit post. Obviously, there are levels to this, and the only people that truly need to go to the furthest extremes are probably sending messages via carrier pigeon.

Common mistakes that put you at risk

ID re-use: reusing the same usernames, e-mail addresses or passwords across difference services and platforms can make you more susceptible to risk. If one service gets hacked or has bad security practices, your sensitive access credentials are exposed more broadly
Weak authentication: simple passwords or lack of multi-factor authentication (MFA) can leave you open to simple brute force attacks or other exploits. I won’t get into how modern password security is implemented - you can do some digging on that.
sharing too much: just like saying too much makes you a target, revealing too much info online can do the same. Real g’s move in silence like lasagna.
predictable routines: go to the same website every day at the same time? anybody snooping your traffic migyht be able to identify you by using that information

Frequently Asked Questions

I told my friends that I’m writing something about this and heard a suite of questions… some better than others.

1. Is the dark web illegal?

I cannot emphasize this enough: this is not legal advice and is merely my personal, non-professional opinion. That said, the legality of the dark web depends on jurisdiction. If you live in the United States and are not otherwise committing a crime, the law as of the time of this posting suggests that you are not committing any crimes.

In other countries, this is not necessarily the case. It’s possible that using TOR services can put you at significant personal risk. For example, I can imagine certain east Asian countries might not be too thrilled.

2. Can the police track TOR usage?

I cannot emphasize this enough: this is not legal advice and is merely my personal, non-professional opinion. In theory, it is absolutely possible for police to track TOR usage. In practice, this should be exceedingly difficult because anonymous and uncompromised relay hosts probably aren’t actively sharing your messages with law enforcement. If you’re worried that the police are using their limited resources to track your TOR usage, it’s probably more likely that they’re using higher quality and lower tech exploits (every heard of wire-tapping warrants?).

3. What’s the difference between Tor and VPNs?

A Virtual Private Network (VPN) acts as an overlay to pass messages between participants. The VPN generally has a known set of relays or at least a set of relays that are all controlled by the same provider. As such, compromising the intermediary means compromising your privacy.

TOR is a protocol that passes messages between relay circuit members in a big game of telephone. The relay strategy allows roughly anonymous communication between parties without requireing a dedicated and trusted third-party to act as the relay.

Conclusion

One of my favorite authors, Douglas Adams, says Space is big. You just won’t believe how vastly, hugely, mind-bogglingly big it is. I mean, you may think it’s a long way down the road to the chemist’s, but that’s just peanuts to space.”

Even if I’m not as entertaining as the Hitchiker’s Guide to the Galaxy, I can at least say that the internet is pretty big too. Most of us are exposed to the internet via public services, but that’s just the tip of the iceberg. There is just so much data hidden below the surface, just out of reach, and hidden deep so nobody can find it without know it’s there.

It might seem dark and mysterious, but at the end of the day these deep and hidden services are just another evolution of the data privacy craze that started millennia ago with basic cyphers and has extended into the data age. I’m 100% confident that encryption will continue to evolve in ways that we could never have imagined.

In the meantime, let me know if there’s any topics around the dark web that you’d like me to dig into in further detail.

What’s a Party Without Potion?

varun@varunhegde.com (Varun Hegde) — Mon, 28 Jul 2025 22:00:32 -0400

If you read my previous post about the latest homebrew batch of mead, you’ll remember that it was called Alchemist’s Gold so that it could be drank at a medieval themed bachelor party. We had a lot of mead in the bucket. Enough, in fact, to make 22 bottles. That’s a case and a half for the bacholor party and 6 for me to take to events or drink at home.

We did a little product photoshoot at home to show the final product in detail.

I’m very proud of how these photos turned out.

Patience is a Virtue (that I do not possess)

In my previous post, I mentioned that the yeast that I used (EC-1118) could theoretically achieve very robust fermentation at high ABV. I also mentioned that it wasn’t 100% clear that the stabilizers I added were working since there was still additional gas in the airlock. Pasteurization could have possibly helped at the risk of changing up the flavor profile.

I bottled it up anyways.

If there was continued fermentation, then I’ve just gifted Sam a case full of exploding bottles. On the other hand, if the stabilizers worked, then no problem, and the residual sugars left in the mead would taste pretty good.

Thankfully, nothing exploded in transit to the West Coast and the bottles arrived safely for their last adventure.

My Cup Runneth Over

From what I heard, the mead was well received… very well received. The bachelor enjoyed the mead and it looks like they made some new friends too.

Truly a bachelor party fit for royalty.

Did I mention they had hatchets? Nobody was harmed during this process, which is pretty impressive when you consider bachelor parties’ normal track records

I think I can consider myself pretty fortunate that my friends appreciate my unusual hobbies.

Alchemists Gold

varun@varunhegde.com (Varun Hegde) — Tue, 27 May 2025 22:16:15 -0400

The Birth of Alchemist’s Gold

Homebrew No. 5, the latest large batch of mead, finally has a name! My buddy is going to a medieval themed bachelor party. What goes better for the medieval theme than your own brew?! Of course, since I’m not actually a huge fan of the last batch in it’s fully dry state, I’ve decided to backsweeten the batch, in the process creating… ALCHEMIST’S GOLD. Ok Sam came up with with that name, but I do think it’s fitting for a mead that is magically golden and a sweet transmutation of honey into something you can drink any time.

Here’s the label

You may notice the unusual 12% to 15% ABV at the bottom. It’s not a typo, I actually am not entirely sure what the actual ABV is. If the pre-stabilization mead fully digested all residual sugar, I’d expect the base brew to be 12% ABV. Unfortunately, stabilization is a challenging beast.

Stabilization Procedure

I loosely followed stabilization processes that I found online.

Start with a completed secondary ferment
Stir in 1/2 tsp/gal of potassium metabisulfite - is this too much? Please comment if you have expertise on this
Wait 24h
Stir in 1/2 tsp/gal of potassium sorbate
Wait another 24h
Stir in 8 oz of Crystal’s Wildflower Honey to backsweeten. The picture above is waht the backsweeteening must looks like. Maybe I should have pasteurized this?

You’d think this should work and we should have a sweeter 12% wine. You’d think wrongly though.

My Mead Could Use a Therapist – It’s Alive and Unstable

The wine in the bucket seems to be fermenting again.

For the uninitiated, the picture on the left is a picture of the airlock on the bucket of mead, directly after stabilization and backsweetening. You can see the water levels in the two bulbs. The left side is slightly below the “max” level and the right side is slightly above. Six hours later, the water levels are reversed. That’s a sign that the backsweetened mixture is offgassing something, but there shouldn’t be any new gases generated. Unless of course, the yeast in the mead has started fermenting all over again. Great.

The water level is obviously changing as a result of increased air pressure in the headspace in the bucket. Or is it? For you Physics PhDs, there are actually alternatives that could cause the increased air pressure. None of them have me particularly convinced but I might as well include them.

Fermentation creates CO2. Some of that CO2 dissolves, especially under pressure. It’s been over 15 years since I’ve done any of that math, so ~~I’ll leave it to you as an exercise~~ I’m going to just spitball here. The previously fully fermented mead has no residual sugar left so the stabilized mead has no nucleation points for CO2 to fall out of solution. When I add the honey and mix, this disturbs the solution and causes some to bubble out.
When I open the container, the air pressure equalizes to the room. During the day, the bucket heats up just enough to force vapor pressure higher in the bucket. Again, been over a decade since I did this math, but hopefully somebody else can chime in.

Oh the Places You’ll Go

This batch tastes much better once backsweetened. Because of the additional residual sugar and the possibility of continued fermentation, I’m actually not confident it will stop at 15% ABV. EC-1118, the yeast that I used for fermentation is known for “robust and reliable fermentation” especially when fermenting the base for sparkling wines and for in bottle fermentation to make a wine fizzy. In other words - this yeast will knock your socks off. In fact, the yeast is alcohol tolerant up to 18% ABV.

Since I know I’ll need to bottle before mid-June and it’s clear that the stabilizers aren’t doing their job correctly, I’ll probably need pasteurize this batch. If anybody knows if it’s a bad idea to use my sous vide machine on mead, please comment.

Homebrew No 5

varun@varunhegde.com (Varun Hegde) — Mon, 19 May 2025 18:01:06 -0400

Just cracked open batch number 5 of my homebrewed mead. I initially made two batches of mead using Crystal’s Wildflower Honey. The must of the first batch was made with 10 lbs of honey, 1 quart of maple syrup, and enough water to fill the remainder of volume of a 5 gallon HDPE food-safe bucket. I used 2 packets of Lalvin EC-1118 to get the fermentation process going. The must very obviously could have just used 1 packet though.

The first batch ran through primary ferment slowly compared to the last few batches that I made. I suspect that this is the largest batch I’ve made to date. All the early batches were 1 gallon total volume. I also started this batch during late summer… not sure if the A/C made the fermentation run at a lower temperature or not. This batch ran primary fermentation from July ‘24 to December ‘24. After December ‘24, I re-racked the bucket into anotehr 5 gallon bucket for a secondary fermentation. I’ve added no stabilizers so far.

As a result of the extended primary fermentation and now 6-month secondary fermentation, there should be effectively zero residual sugar left in the batch. I didn’t do specific gravity testing before or after the fermentation completed. Assuming that the wine is fermented to zero residual sugar, back of the envelope calculations suggest that this batch yields 12% to 15% ABV.

I do not envy you the headache you will have when you awaken

The mead aroma is honey forward with a virant plank-like smell. At room temperature its almost a “thin” smell. I don’t love the smell to be honest. The raw honey is obviously really sweet to the nose. It has a rich golden color and almost a sandy this texture on account of the water evaporation over time.

On tasting: very dry. Zero residual sugar or sweetness. The mead tasted grassy and floral. I can’t tell if this is the wildflowerness of the thoney. It’s very aggressive on the nose from the high alcohol content too. You can easily taste how strong this batch is.

The raw honey itself is sweet but not cloyingly so. It has a depth to it. There’s a sandy texture that I mentioned before, which seems to be caused by sugar crystallizing out of suspension. Honestly as far as honey goes this is pretty neutral and doesn’t really have a specific taste outside the green and floral aromas. Those influence the taste profile, but not too much

I tried backsweetening the room temperature mead with 1 teaspoon of honey to two teaspoons of mead. It was obviously sweeter. Was it better? Sugar is basically crack, so yes. However, after backsweetening the taste mostly became honey forward with no subtlety. Sure, the sweetness of the honey added depth but it became almost boring.

When chilled, the mead is still very floral scented, but the grassy taste completely disappears. It tastes better to me, but also very similar to a basic Pinot Grigio. If you’re allergic to grapes or gluten then this would be a very refreshing drink on a hot Summer day.

The Experimental Batch

What it really needs is secondary flavor and aromatic depth. Something that piques your interest and takes this fr oma good drink for abeer pong to the kind of drink you could bring to a summer barbecue (barbeque? idk, not my wheelhouse).

As it turns out, Jessie actually had the bright idea to do this before we even started. Our last experimental batch of mead (1 gallon, roughly 5 bottles) used a significant portion of maple syrup. We ran out of that so the big batch didn’t have enough of that, and the experimental batch needed another treatment. Jessie picked an amazing combo of lemon zest and Earl Grey tea, and I tossed in some juniper berries for a little kick.

This experimental batch (name TBD) was easily our best batch ever. It was so good that we actually don’t know how it tastes after secondary ferment and againg because we drank the whole gallon batch on New Year’s Eve with our buddies. We’re definitely going to make another one of those some time.

Cabin Fever III - Basic Plans

varun@varunhegde.com (Varun Hegde) — Tue, 25 Mar 2025 22:00:28 -0400

I’ve spent the better part of a month doing some basic design work on the cabin I mentioned in Cabin Fever and Part II

If you get seasick or motion sick, I’m sorry… take your daily dose of dramamine right now. If you have tips on how to make better animations in SketchUp 2017, let me know!

Summary

The cabin will be a basic stick frame structure supported 4’ above the ground on concrete piers and posts. It’ll measure 19.5’ wide by 30’ deep. The rim joists and floor joists will be 2x10s. Exterior walls will be framed with 2x6s while interior walls will (tentatively) be framed with 2x4s.

The ceiling joists, rafters and ridge will be 2x6s as well.

Both roof and side sheathing will be OSB or Zip-R, haven’t decided yet, but I suppose it really boils down to preference.

Deck support posts will be 6x6 and the decking itself will either have to be cedar or pine. I’m cheap, probably pine.

I’ll go into more details in future posts. With the high level out of the way - here’s the animated design:

And some other still views of the building

Somewhat Isometric

Front	Side	Bottom

Cabin Fever II - My Cabin

varun@varunhegde.com (Varun Hegde) — Wed, 19 Feb 2025 21:20:55 -0500

Last month I mentioned in Cabin Fever that it’s not worth the effort of letting envy take hold of you. Ironically, I’ve since done exactly that in the most literal of ways.

I watched dozens of hours of men building remote cabins in remote corners of Wisconsin in one of my latest YouTube binges. This guy @Bushradical has got me particularly jealous. To be fair, I know nothing of the rest of his life, but the pieces he publicizes look positively serene.

Not surprisingly, I now want a remote cabin of my own to spend time reflecting at. As any other man on a budget who grew up building with Lego sets, I want to build it myself. Is this nuts? Maybe, but a little planning and a can do attitude go a long way. Worst case scenario - I ordered duct tape from Costco that one time. I’ve heard that the tensile strength of duct tape is pretty much on par with concrete so no problem (MechE’s out there - I’m kidding!).

From here on out I’m going to post progress updates on my designs and plans. There are a couple separate stages, but for now I think it makes sense to start with a very basic cabin design alongside some basic criteria for the land on which to build. With these two sets of plans in mind, I’ll actually be able to search and implement.

Location

I’d like it to be close enough to go for a weekend trip, but far enough to be inconvenient for a casual non-emergency day trip. Maybe 2-3 hours driving from Manhattan, NYC. That leaves the Hudson Valley and maybe some areas of Pennsylvania near the Catskills/Adirondacks.

Base Characteristics of the Plot

Size - I grew up on a quarter acre in the suburbs. I currently live in a 750 square foot apartment. I’m leaning towards between 5 and 50 acres. The wildly large range should allow flexibility for availability. Sometimes there just aren’t plots available for sale at a reasonble price for the value.
Slope - There needs to be at least 1 flattish section, and ideally enough flat areas to provide a long driveway to a secluded clearing for the cabin.

Utilities

Needs to be accessible to electric or solar. Gas would be great. Must be able to do provide clean running water and plumbing, whether well+septic or public services.

The Vibes (Characteristics of the Plot)

I love the fall colors and the privacy that tree cover provides. Therefore the space should be wooded with ample full grown trees. A mix of maple and some native evergreen types would be conducive to keeping the plot sustainable, but I’ll need to consult with local forestry organizations.

I could use a small stream to power some primitive tooling while figuring out longer term power. The stream could also just be purely cosmetic, I’m not too picky.

Budget

Land - I haven’t thought this far ahead. For now, it’s just a pipe dream. Some rough math suggests that the land alone is going to be between $10k and $50k per acre. For the sake of argument let’s pick $20k and say that nets to $200k for 10 acres.
Materials - expecting between and $100 per square foot, but I’m going to complete my design and actually cost out every piece with overages to get a proper budget.
- For a very rough 200 sq. ft. cabin (10’x20’), I should expect at least $20k in materials cost.
- For a 1200 sq. ft. cabin (30’x40’), therefore, I should expect to spend $120k in materials alone.

Endnote

I’ll probably need a pickup truck at some point. Never thought that would be the first car I’d buy, but it would be pretty funny so I’m writing it down for posterity’s sake.

Cabin Fever

varun@varunhegde.com (Varun Hegde) — Sun, 05 Jan 2025 15:35:01 -0500

I read a piece by Shalom Auslander on the Dangers of Substack for the Chronically Low Self-Esteemed recently. The piece is from Aug ‘23 but it’s timeless nonetheless.

Auslander explores his envy via George Saunders’ literal cabin (and retreats) as a symbol for Saunders’ relative success. Somewhere in his particularly vulgar and entertaining writing style, you can tease out partial attribution of the envy to just being a writer. I think it’s deeper than that.

Comparison to the most extreme right tail is just part of being a person. It’s really easy to compare oneself to the most successful ideal outcome - we’re pretty well attuned to what that could be.

Maybe Shalom can be better at suppressing the envy, maybe he can’t.

I say it’s not even worth the effort.

Better to just take the emotion and speedrun through it. I feel peace if I can quickly get through the following questions and get back to life:

are they more successful?
are they satisfied?
am I good at what I do?
am I satisfied?
Will I ever be satisfied?
what would get me there?

I bet there’s a strong correlation of envy to cabin fever. When you’re stuck inside or in isolation more often, you have way more time to compare yourself to others.

I don’t want to sound like a self-help book, but my best bet is that if Shalom leaves Panera and gets more exposure to the world outside of the cabin, he’ll worry less about whether his follow count is high enough.

Backing Away From Brainrot

varun@varunhegde.com (Varun Hegde) — Wed, 01 Jan 2025 12:53:13 -0500

Lately, I’ve felt a cognitive dullness… a brainrot. I don’t have an exact definition for brainrot and I’m not going to check a dictionary. No need, if you’ve been living in the modern world you know exactly what I mean.

That feeling might just be a part of aging, but I suspect that it’s really driven by consuming short videos from whatever the service-du-jour is (TikTok, SnapChat, Facebook, Instagram, Twitter, YouTube, etc.). For what it’s worth, a lot of experts agree with me too.

So, I’m going to start producing, instead of consuming. I couldn’t care less if anybody actually reads my work, so let’s call it public (non-)consumption.

why public (non-)consumption?

You might wonder why anybody would publish publicly with no expectation of feedback.

I’ve been a content consumer for as long as I can remember. It just makes sense. When you’re growing up, and you’re brain is developing, your theories may be original to you. Those ideas will lack context though. Most people would find them naive or lacking nuance. And so you are encouraged to learn by reading others’ work, looking at photos, watching videos, and so on.

Now I’m slightly older, and I hope that the very act of curating and focusing my thoughts for public (non-)consumption will help develop mental acuity and reverse the brainrot.

Finance on Over the Hedge

You Can't Eat Sharpe

A Primer on the Sharpe Ratio

Which fund does Ivan pick?

Which fund SHOULD Ivan pick?

A brief aside on leverage and risk managment

The Fine Dining Experience

A Real Example

What’s the Problem?

Parting Thoughts

Footnotes

I Was the Spam All Along

A brief detour on DOS-ing systems

Back to E-mail

footnotes

A Quick Business Discussion

contents

the process

some disclaimers

defining the problem and solution

getting data (corpus?[3] )

exploratory data analysis

1. subject line

2. from address

3. bro sign up for my course (free dictionary included)

4. “quick question for you, varunhegde.com”

constructing features

training and testing the model

results

running in production?

footnotes

The dark web 101: what it is, how it works, and why people use it

The Modern Internet

A Flash of Light as the Birth of the Web

Packet Switching, ARPANET, and TCP/IP

HTTP/HTTPS

Summary

Some Definitions

Who Needs the Darkweb?

The Onion Router

Operational Security (OpSec) Considerations

Common mistakes that put you at risk

Frequently Asked Questions

1. Is the dark web illegal?

2. Can the police track TOR usage?

3. What’s the difference between Tor and VPNs?

Conclusion

What’s a Party Without Potion?

Patience is a Virtue (that I do not possess)

My Cup Runneth Over

Alchemists Gold

The Birth of Alchemist’s Gold

Stabilization Procedure

My Mead Could Use a Therapist – It’s Alive and Unstable

Oh the Places You’ll Go

Homebrew No 5

I do not envy you the headache you will have when you awaken

The Experimental Batch

Cabin Fever III - Basic Plans

Summary

Cabin Fever II - My Cabin

Location

Base Characteristics of the Plot

Utilities

The Vibes (Characteristics of the Plot)

Budget

Endnote

Cabin Fever

Backing Away From Brainrot

why public (non-)consumption?

getting data (corpus?^[3] )