20 random bookmarks

2026-04-15

54.

Immutable Systems: NixOS + systemd-repart + systemd-sysupdate

x86.lol/generic/2024/08/28/systemd-sysupdate.html

When you build software for embedded devices (your Wi-Fi router or home automation setup on your Raspberry Pi), there is always the question how to build these images and how to update them.

2026-04-05

53.

Killing the ISP Appliance: An eBPF/XDP Approach to Distributed BNG

markgascoyne.co.uk/posts/ebpf-bng

An open-source, eBPF-accelerated BNG that runs directly on OLT hardware - eliminating expensive centralised appliances

2026-02-25

52.

Tracking NixOS option values and dependencies | oddlama's blog

oddlama.org/blog/tracking-options-in-nixos

There are thousands of options in NixOS, but as users, we usually only interact with a select few of them. Despite that, a huge amount of those options does influence the final result in some way. Have you ever wondered which of them were actually relevant for your specific system?

2026-01-09

50.

Decorative Cryptography

www.dlp.rip/decorative-cryptography

Last year, I came agross a Linux kernel feature called TCG_TPM2_HMAC. It claims to detect or prevent active and passive interposer attackers.
It all sounds really great. We should care about interposer adversaries. It’s great to use the TPM features that were invented to help us with these problems.

2025-12-17

49.

A security model for systemd

lwn.net/Articles/1042888

Poettering said that he does have a vision for how all of the security-related pieces of systemd are meant to fit together. He wanted to use his talk to explain ""how the individual security-related parts of systemd actually fit together and why they exist in the first place"".

2025-06-27

44.

How fast are Linux pipes anyway?

mazzo.li/posts/fast-pipes.html

Pipes are ubiquitous in Unix --- but how fast can they go on Linux? In this post we'll iteratively improve a simple pipe-writing benchmark from 3.5GiB/s to 65GiB/s, guided by Linux perf.

2025-05-22

43.

Collaborative Text Editing without CRDTs or OT - Matthew Weidner

mattweidner.com/2025/05/21/text-without-crdts.html

This blog post describes an alternative, straightforward approach to collaborative text editing, without Conflict-free Replicated Data Types (CRDTs) or Operational Transformation (OT). By making text editing flexible and easy to DIY, I hope that the approach will let you create rich collaborative apps that are challenging to build on top of a black-box CRDT/OT library.

2024-12-05

34.

Optimization adventures: making a parallel Rust workload 10x faster with (or without) Rayon | Blog | Guillaume Endignoux

gendignoux.com/blog/2024/11/18/rust-rayon-optimized.html

In a previous post, I’ve shown how to use the rayon framework in Rust to automatically parallelize a loop computation across multiple CPU cores.
In this post, I’ll first explain which profiling tools I used to chase optimizations, before diving into how I built a faster replacement of Rayon for my use case. In the next post, I’ll describe the other optimizations that made my code much faster. Spoiler alert: copying some data sped up my code!

2024-11-27

33.

April King — Handling Cookies is a Minefield

grayduck.mn/2024/11/21/handling-cookies-is-a-minefield

Discrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.

2024-11-22

32.

Protecting Signal Keys on Desktop

cryptographycaffe.sandboxaq.com/posts/protecting-signal-desktop-keys

This blogpost describes our investigation and proof of concept to enhance the security of Signal Messenger key management on desktop.

2024-11-13

29.

What I Wish Someone Told Me About Postgres

challahscript.com/what_i_wish_someone_told_me_about_postgres

I want to try to catalog the bits that I wish someone had just told me before working with a Postgres database. Hopefully, this makes things easier for the next person going on a journey similar to mine.

2024-10-12

26.

Dependency Management Data

dmd.tanna.dev

2024-09-19

24.

How to Build a Small Solar Power System

solar.lowtechmagazine.com/2023/12/how-to-build-a-small-solar-power-system

This guide explains everything you need to know to build stand-alone photovoltaic systems that can power almost anything you want.

2024-09-12

23.

Computational Journalism | At the Tow Center for Digital Journalism

compjournalism.com

The course is a hands-on, research-level introduction to the areas of computer science that have a direct relevance to journalism, and the broader project of producing an informed and engaged public $100 installment loan. We study two big ideas: the application of computation to produce journalism (such as data science for investigative reporting), and journalism about areas that involve computation (such as the analysis of credit scoring algorithms.)

2024-09-10

22.

Notes on Distributed Systems for Young Bloods – Something Similar

www.somethingsimilar.com/2013/01/14/notes-on-distributed-systems-for-young-bloods

Below is a list of some lessons I’ve learned as a distributed systems engineer that are worth being told to a new engineer. Some are subtle, and some are surprising, but none are controversial. This list is for the new distributed systems engineer to guide their thinking about the field they are taking on. It’s not comprehensive, but it’s a good beginning.

21.

What is the best pointer tagging method?

coredumped.dev/2024/09/09/what-is-the-best-pointer-tagging-method

In this post, we are going to take a deep dive into pointer tagging, where metadata is encoded into a word-sized pointer. Doing so allows us to keep a compact representation that can be passed around in machine registers. This is very common in implementing dynamic programming languages, but can really be used anywhere that additional runtime information is needed about a pointer. We will look at a handful of different ways these pointers can be encoded and see how the compiler can optimize them for different hardware.

2024-09-07

17.

Elixir Dev Environment With Nix Flakes

www.mathiaspolligkeit.com/elixir-dev-environment-with-nix-flakes

In a previous article, I described how to set use Nix and Niv to configure an Elixir dev environment. This setup can be simplified by using Nix flakes instead of Niv.

2024-07-31

11.

Compiler Options Hardening Guide for C and C++

best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

2024-07-28

8.

Windows Security best practices for integrating and managing security tools | Microsoft Security Blog

www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools

We examine the recent CrowdStrike outage and provide a technical overview of the root cause.

2024-07-15

7.

Calculating Position from Raw GPS Data | Telesens

www.telesens.co/2017/07/17/calculating-position-from-raw-gps-data