2026-01-09
Decorative Cryptography
www.dlp.rip/decorative-cryptographyLast year, I came agross a Linux kernel feature called TCG_TPM2_HMAC. It claims to detect or prevent active and passive interposer attackers.
It all sounds really great. We should care about interposer adversaries. It’s great to use the TPM features that were invented to help us with these problems.
2025-12-17
A security model for systemd
lwn.net/Articles/1042888Poettering said that he does have a vision for how all of the security-related pieces of systemd are meant to fit together. He wanted to use his talk to explain ""how the individual security-related parts of systemd actually fit together and why they exist in the first place"".
2025-11-18
Patterns for Defensive Programming in Rust | corrode Rust Consulting
corrode.dev/blog/defensive-programming[...] hard-learned patterns to write more defensive Rust code, learned throughout years of shipping Rust code to production. I’m not talking about design patterns here, but rather small idioms, which are rarely documented, but make a big difference in the overall code quality.
2025-07-07
Rewriting Kafka in Rust Async: Insights and Lessons Learned in Rust | Rex Wang
wangjunfei.com/2025/06/18/Rewriting-Kafka-in-Rust-Async-Insights-and-Lessons-Learned#SummaryAchieving high-performance asynchronous Rust projects transcends mere usage of the async/await syntax; it fundamentally relies on a deep understanding of the underlying task scheduling, lock optimization, and architecture design principles.
2025-06-27
How fast are Linux pipes anyway?
mazzo.li/posts/fast-pipes.htmlPipes are ubiquitous in Unix --- but how fast can they go on Linux? In this post we'll iteratively improve a simple pipe-writing benchmark from 3.5GiB/s to 65GiB/s, guided by Linux
perf.
2025-03-19
Comptime Zig ORM
matklad.github.io/2025/03/19/comptime-zig-orm.htmlThis post can be considered an advanced Zig tutorial. I will be covering some of the more unique
aspects of the language, but won't be explaining the easy part. If you haven't read the Zig
Language Reference, you might start there. Additionally,
we will also learn the foundational trick for implementing relational model.
2024-12-05
Optimization adventures: making a parallel Rust workload 10x faster with (or without) Rayon | Blog | Guillaume Endignoux
gendignoux.com/blog/2024/11/18/rust-rayon-optimized.htmlIn a previous post, I’ve shown how to use the rayon framework in Rust to automatically parallelize a loop computation across multiple CPU cores.
In this post, I’ll first explain which profiling tools I used to chase optimizations, before diving into how I built a faster replacement of Rayon for my use case. In the next post, I’ll describe the other optimizations that made my code much faster. Spoiler alert: copying some data sped up my code!
2024-11-27
April King — Handling Cookies is a Minefield
grayduck.mn/2024/11/21/handling-cookies-is-a-minefieldDiscrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.
2024-10-18
Optimizing Mandelbrot Generation with SIMD
bumbershootsoft.wordpress.com/2024/01/27/optimizing-mandelbrot-generation-with-simd2024-10-12
Dependency Management Data
dmd.tanna.dev2024-09-19
How to Build a Small Solar Power System
solar.lowtechmagazine.com/2023/12/how-to-build-a-small-solar-power-systemThis guide explains everything you need to know to build stand-alone photovoltaic systems that can power almost anything you want.
2024-09-12
Computational Journalism | At the Tow Center for Digital Journalism
compjournalism.comThe course is a hands-on, research-level introduction to the areas of computer science that have a direct relevance to journalism, and the broader project of producing an informed and engaged public $100 installment loan. We study two big ideas: the application of computation to produce journalism (such as data science for investigative reporting), and journalism about areas that involve computation (such as the analysis of credit scoring algorithms.)
2024-09-04
the spatula
www.thespatula.io/rust/rust_io_uring_echo_serverIn this article we build off what we’ve already learned about io_uring and extend that to build an async echo server.
2024-08-29
Overloaded fields, type safety, and you
educatedguesswork.org/posts/text-type-safetyThe underlying problem we are facing here with all these examples is the same: having the same set of bits which can mean two different things and needing some way to distinguish those two meanings. Failure to do so leads to ambiguity at best and serious defects at worst. That's why you see so much emphasis in modern systems on type safety and on strict domain separation between different meanings.
2024-07-31
Revealing the Inner Structure of AWS Session Tokens
medium.com/@TalBeerySec/revealing-the-inner-structure-of-aws-session-tokens-a6c76469cba7TL;DR: A world first reverse engineering analysis of AWS Session Tokens. Prior to our research these tokens were a complete black box…
2024-07-28
Windows Security best practices for integrating and managing security tools | Microsoft Security Blog
www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-toolsWe examine the recent CrowdStrike outage and provide a technical overview of the root cause.
2024-07-15
Calculating Position from Raw GPS Data | Telesens
www.telesens.co/2017/07/17/calculating-position-from-raw-gps-data2024-07-07
Optimizing Large-Scale OpenStreetMap Data with SQLite
jtarchie.com/posts/2024-07-02-optimizing-large-scale-openstreetmap-data-with-sqlite2024-07-04
Finding near-duplicates with Jaccard similarity and MinHash - Made of Bugs
blog.nelhage.com/post/fuzzy-dedup2024-06-20
Even JSONB in Postgres needs schemas
nexteam.co.uk/posette_even_jsonb_in_postgres_needs_schemas.pdfTalk from POSETTE conference