20 random bookmarks

2026-02-25

51.

Finding the Bottom Turtle · blog.dave.tf

blog.dave.tf/post/finding-bottom-turtle

Some reflections on trusting trust, and how deep the rabbit hole goes.

2025-12-17

49.

A security model for systemd

lwn.net/Articles/1042888

Poettering said that he does have a vision for how all of the security-related pieces of systemd are meant to fit together. He wanted to use his talk to explain ""how the individual security-related parts of systemd actually fit together and why they exist in the first place"".

2025-08-27

47.

Inside Windows 3

www.xtof.info/inside-windows3.html

Windows 3 is often said to be just an UI on top of DOS. This article presents some of the inner side of Windows 3.x and will show that it is more ambitious and advanced than that.

2025-05-22

43.

Collaborative Text Editing without CRDTs or OT - Matthew Weidner

mattweidner.com/2025/05/21/text-without-crdts.html

This blog post describes an alternative, straightforward approach to collaborative text editing, without Conflict-free Replicated Data Types (CRDTs) or Operational Transformation (OT). By making text editing flexible and easy to DIY, I hope that the approach will let you create rich collaborative apps that are challenging to build on top of a black-box CRDT/OT library.

2024-11-27

33.

April King — Handling Cookies is a Minefield

grayduck.mn/2024/11/21/handling-cookies-is-a-minefield

Discrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.

2024-11-22

32.

Protecting Signal Keys on Desktop

cryptographycaffe.sandboxaq.com/posts/protecting-signal-desktop-keys

This blogpost describes our investigation and proof of concept to enhance the security of Signal Messenger key management on desktop.

2024-11-19

30.

Using Nix to Fuzz Test a PDF Parser (Part One)

mtlynch.io/nix-fuzz-testing-1

Fuzz testing is a technique for automatically uncovering bugs in software. The problem is that it’s a pain to set up. Read any fuzz testing tutorial, and the first task is an hour of building tools from source and chasing down dependencies upon dependencies.
I recently found that Nix eliminates a lot of the gruntwork from fuzz testing. I created a Nix configuration that kicks off a fuzz testing workflow with a single command.

2024-11-07

28.

Model Predictive Control in the browser with WebAssembly | garethx

garethx.com/posts/cart-pole-mpc

Commentary on software, robotics, and computer vision.

2024-10-12

26.

Dependency Management Data

dmd.tanna.dev

2024-09-25

25.

Web Browser Engineering

browser.engineering

Web browsers are ubiquitous, but how do they work? This book explains, building a basic but complete web browser, from networking to JavaScript, in a couple thousand lines of Python.

2024-09-12

23.

Computational Journalism | At the Tow Center for Digital Journalism

compjournalism.com

The course is a hands-on, research-level introduction to the areas of computer science that have a direct relevance to journalism, and the broader project of producing an informed and engaged public $100 installment loan. We study two big ideas: the application of computation to produce journalism (such as data science for investigative reporting), and journalism about areas that involve computation (such as the analysis of credit scoring algorithms.)

2024-09-10

22.

Notes on Distributed Systems for Young Bloods – Something Similar

www.somethingsimilar.com/2013/01/14/notes-on-distributed-systems-for-young-bloods

Below is a list of some lessons I’ve learned as a distributed systems engineer that are worth being told to a new engineer. Some are subtle, and some are surprising, but none are controversial. This list is for the new distributed systems engineer to guide their thinking about the field they are taking on. It’s not comprehensive, but it’s a good beginning.

2024-09-07

18.

About

www.braggoscope.com/about

Explore the In Our Time archive.

2024-09-04

16.

the spatula

www.thespatula.io/rust/rust_io_uring_echo_server

In this article we build off what we’ve already learned about io_uring and extend that to build an async echo server.

2024-09-02

15.

Timeseries Indexing at Scale - Artem Krylysov

artem.krylysov.com/blog/2024/06/28/timeseries-indexing-at-scale

2024-08-19

13.

JTAG Hacking with a Raspberry Pi - Introducing the PiFex

voidstarsec.com/blog/jtag-pifex

JTAG for Reverse Engineers

2024-07-31

11.

Compiler Options Hardening Guide for C and C++

best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

2024-07-07

6.

Optimizing Large-Scale OpenStreetMap Data with SQLite

jtarchie.com/posts/2024-07-02-optimizing-large-scale-openstreetmap-data-with-sqlite

2024-07-04

5.

Finding near-duplicates with Jaccard similarity and MinHash - Made of Bugs

blog.nelhage.com/post/fuzzy-dedup

2024-06-20

2.

Even JSONB in Postgres needs schemas

nexteam.co.uk/posette_even_jsonb_in_postgres_needs_schemas.pdf

Talk from POSETTE conference