2026-04-15
Immutable Systems: NixOS + systemd-repart + systemd-sysupdate
x86.lol/generic/2024/08/28/systemd-sysupdate.htmlWhen you build software for embedded devices (your Wi-Fi router or home automation setup on your Raspberry Pi), there is always the question how to build these images and how to update them.
2026-02-25
Finding the Bottom Turtle · blog.dave.tf
blog.dave.tf/post/finding-bottom-turtleSome reflections on trusting trust, and how deep the rabbit hole goes.
2025-12-17
A security model for systemd
lwn.net/Articles/1042888Poettering said that he does have a vision for how all of the security-related pieces of systemd are meant to fit together. He wanted to use his talk to explain ""how the individual security-related parts of systemd actually fit together and why they exist in the first place"".
2025-11-18
Patterns for Defensive Programming in Rust | corrode Rust Consulting
corrode.dev/blog/defensive-programming[...] hard-learned patterns to write more defensive Rust code, learned throughout years of shipping Rust code to production. I’m not talking about design patterns here, but rather small idioms, which are rarely documented, but make a big difference in the overall code quality.
2025-07-03
Rewriting Kafka in Rust Async: Insights and Lessons Learned in Rust | Rex Wang
wangjunfei.com/2025/06/18/Rewriting-Kafka-in-Rust-Async-Insights-and-Lessons-LearnedRex Wangs blog
2025-06-27
How fast are Linux pipes anyway?
mazzo.li/posts/fast-pipes.htmlPipes are ubiquitous in Unix --- but how fast can they go on Linux? In this post we'll iteratively improve a simple pipe-writing benchmark from 3.5GiB/s to 65GiB/s, guided by Linux
perf.
2025-04-28
Nick Appleton’s blog and stuff - Building a digital filter for use in synthesisers
www.appletonaudio.com/blog/2022/building-a-digital-filter-for-use-in-synthesisersThis is a tutorial on how to build a digital implementation of a 2nd-order, continuously-variable filter (i.e. one where you can change the parameters runtime) that has dynamic behaviour that mimics an analogue filter.
2025-03-19
Comptime Zig ORM
matklad.github.io/2025/03/19/comptime-zig-orm.htmlThis post can be considered an advanced Zig tutorial. I will be covering some of the more unique
aspects of the language, but won't be explaining the easy part. If you haven't read the Zig
Language Reference, you might start there. Additionally,
we will also learn the foundational trick for implementing relational model.
2025-01-22
Packer: How to Build NixOS 24 Snapshot on Hetzner Cloud - Developer Friendly Blog
developer-friendly.blog/blog/2025/01/20/packer-how-to-build-nixos-24-snapshot-on-hetzner-cloudStep-by-step guide to building a NixOS 24 snapshot on Hetzner Cloud using Packer, with complete configuration files and OpenTofu deployment examples.
Building a tiny Linux from scratch
blinry.org/tiny-linuxLast week, I built a tiny Linux system from scratch, and booted it on my laptop!
2024-11-27
April King — Handling Cookies is a Minefield
grayduck.mn/2024/11/21/handling-cookies-is-a-minefieldDiscrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.
2024-11-20
Why I love Rust for tokenising and parsing
xnacly.me/posts/2024/rust-pldevMacros, iterators, patterns, error handling and match make Rust almost perfect
2024-11-19
Using Nix to Fuzz Test a PDF Parser (Part One)
mtlynch.io/nix-fuzz-testing-1Fuzz testing is a technique for automatically uncovering bugs in software. The problem is that it’s a pain to set up. Read any fuzz testing tutorial, and the first task is an hour of building tools from source and chasing down dependencies upon dependencies.
I recently found that Nix eliminates a lot of the gruntwork from fuzz testing. I created a Nix configuration that kicks off a fuzz testing workflow with a single command.
2024-09-10
What is the best pointer tagging method?
coredumped.dev/2024/09/09/what-is-the-best-pointer-tagging-methodIn this post, we are going to take a deep dive into pointer tagging, where metadata is encoded into a word-sized pointer. Doing so allows us to keep a compact representation that can be passed around in machine registers. This is very common in implementing dynamic programming languages, but can really be used anywhere that additional runtime information is needed about a pointer. We will look at a handful of different ways these pointers can be encoded and see how the compiler can optimize them for different hardware.
2024-09-07
Elixir Dev Environment With Nix Flakes
www.mathiaspolligkeit.com/elixir-dev-environment-with-nix-flakesIn a previous article, I described how to set use Nix and Niv to configure an Elixir dev environment. This setup can be simplified by using Nix flakes instead of Niv.
2024-07-31
Compiler Options Hardening Guide for C and C++
best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.htmlThe Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.
2024-07-28
Windows Security best practices for integrating and managing security tools | Microsoft Security Blog
www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-toolsWe examine the recent CrowdStrike outage and provide a technical overview of the root cause.