20 random bookmarks

2026-04-05

53.

Killing the ISP Appliance: An eBPF/XDP Approach to Distributed BNG

markgascoyne.co.uk/posts/ebpf-bng

An open-source, eBPF-accelerated BNG that runs directly on OLT hardware - eliminating expensive centralised appliances

2026-02-25

51.

Finding the Bottom Turtle · blog.dave.tf

blog.dave.tf/post/finding-bottom-turtle

Some reflections on trusting trust, and how deep the rabbit hole goes.

2026-01-09

50.

Decorative Cryptography

www.dlp.rip/decorative-cryptography

Last year, I came agross a Linux kernel feature called TCG_TPM2_HMAC. It claims to detect or prevent active and passive interposer attackers.
It all sounds really great. We should care about interposer adversaries. It’s great to use the TPM features that were invented to help us with these problems.

2025-06-27

44.

How fast are Linux pipes anyway?

mazzo.li/posts/fast-pipes.html

Pipes are ubiquitous in Unix --- but how fast can they go on Linux? In this post we'll iteratively improve a simple pipe-writing benchmark from 3.5GiB/s to 65GiB/s, guided by Linux perf.

2025-05-22

43.

Collaborative Text Editing without CRDTs or OT - Matthew Weidner

mattweidner.com/2025/05/21/text-without-crdts.html

This blog post describes an alternative, straightforward approach to collaborative text editing, without Conflict-free Replicated Data Types (CRDTs) or Operational Transformation (OT). By making text editing flexible and easy to DIY, I hope that the approach will let you create rich collaborative apps that are challenging to build on top of a black-box CRDT/OT library.

2025-01-22

36.

Packer: How to Build NixOS 24 Snapshot on Hetzner Cloud - Developer Friendly Blog

developer-friendly.blog/blog/2025/01/20/packer-how-to-build-nixos-24-snapshot-on-hetzner-cloud

Step-by-step guide to building a NixOS 24 snapshot on Hetzner Cloud using Packer, with complete configuration files and OpenTofu deployment examples.

35.

Building a tiny Linux from scratch

blinry.org/tiny-linux

Last week, I built a tiny Linux system from scratch, and booted it on my laptop!

2024-11-22

32.

Protecting Signal Keys on Desktop

cryptographycaffe.sandboxaq.com/posts/protecting-signal-desktop-keys

This blogpost describes our investigation and proof of concept to enhance the security of Signal Messenger key management on desktop.

2024-11-19

30.

Using Nix to Fuzz Test a PDF Parser (Part One)

mtlynch.io/nix-fuzz-testing-1

Fuzz testing is a technique for automatically uncovering bugs in software. The problem is that it’s a pain to set up. Read any fuzz testing tutorial, and the first task is an hour of building tools from source and chasing down dependencies upon dependencies.
I recently found that Nix eliminates a lot of the gruntwork from fuzz testing. I created a Nix configuration that kicks off a fuzz testing workflow with a single command.

2024-10-12

26.

Dependency Management Data

dmd.tanna.dev

2024-09-25

25.

Web Browser Engineering

browser.engineering

Web browsers are ubiquitous, but how do they work? This book explains, building a basic but complete web browser, from networking to JavaScript, in a couple thousand lines of Python.

2024-09-19

24.

How to Build a Small Solar Power System

solar.lowtechmagazine.com/2023/12/how-to-build-a-small-solar-power-system

This guide explains everything you need to know to build stand-alone photovoltaic systems that can power almost anything you want.

2024-09-07

17.

Elixir Dev Environment With Nix Flakes

www.mathiaspolligkeit.com/elixir-dev-environment-with-nix-flakes

In a previous article, I described how to set use Nix and Niv to configure an Elixir dev environment. This setup can be simplified by using Nix flakes instead of Niv.

2024-07-31

12.

Revealing the Inner Structure of AWS Session Tokens

medium.com/@TalBeerySec/revealing-the-inner-structure-of-aws-session-tokens-a6c76469cba7

TL;DR: A world first reverse engineering analysis of AWS Session Tokens. Prior to our research these tokens were a complete black box…

11.

Compiler Options Hardening Guide for C and C++

best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

10.

Build your own SQS or Kafka with Postgres

blog.sequinstream.com/build-your-own-sqs-or-kafka-with-postgres

We're Sequin, an open source message stream built on Postgres. We think Sequin's cool, but you don't need to adopt the project to get started with streaming in Postgres. In fact, you can turn Postgres into a basic queue/stream pretty easily. Below, we share what we've learned so you

2024-07-15

7.

Calculating Position from Raw GPS Data | Telesens

www.telesens.co/2017/07/17/calculating-position-from-raw-gps-data

2024-07-07

6.

Optimizing Large-Scale OpenStreetMap Data with SQLite

jtarchie.com/posts/2024-07-02-optimizing-large-scale-openstreetmap-data-with-sqlite

2024-06-20

2.

Even JSONB in Postgres needs schemas

nexteam.co.uk/posette_even_jsonb_in_postgres_needs_schemas.pdf

Talk from POSETTE conference

2024-06-09

1.

So You Want To Build A Browser Engine

robert.ocallahan.org/2024/06/browser-engine.html