20 random bookmarks

2026-01-09

50.

Decorative Cryptography

www.dlp.rip/decorative-cryptography

Last year, I came agross a Linux kernel feature called TCG_TPM2_HMAC. It claims to detect or prevent active and passive interposer attackers.
It all sounds really great. We should care about interposer adversaries. It’s great to use the TPM features that were invented to help us with these problems.

2025-08-27

47.

Inside Windows 3

www.xtof.info/inside-windows3.html

Windows 3 is often said to be just an UI on top of DOS. This article presents some of the inner side of Windows 3.x and will show that it is more ambitious and advanced than that.

2025-07-03

45.

Rewriting Kafka in Rust Async: Insights and Lessons Learned in Rust | Rex Wang

wangjunfei.com/2025/06/18/Rewriting-Kafka-in-Rust-Async-Insights-and-Lessons-Learned

Rex Wangs blog

2025-05-22

43.

Collaborative Text Editing without CRDTs or OT - Matthew Weidner

mattweidner.com/2025/05/21/text-without-crdts.html

This blog post describes an alternative, straightforward approach to collaborative text editing, without Conflict-free Replicated Data Types (CRDTs) or Operational Transformation (OT). By making text editing flexible and easy to DIY, I hope that the approach will let you create rich collaborative apps that are challenging to build on top of a black-box CRDT/OT library.

2025-04-28

41.

Nick Appleton’s blog and stuff - Building a digital filter for use in synthesisers

www.appletonaudio.com/blog/2022/building-a-digital-filter-for-use-in-synthesisers

This is a tutorial on how to build a digital implementation of a 2nd-order, continuously-variable filter (i.e. one where you can change the parameters runtime) that has dynamic behaviour that mimics an analogue filter.

2024-11-27

33.

April King — Handling Cookies is a Minefield

grayduck.mn/2024/11/21/handling-cookies-is-a-minefield

Discrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.

2024-11-22

32.

Protecting Signal Keys on Desktop

cryptographycaffe.sandboxaq.com/posts/protecting-signal-desktop-keys

This blogpost describes our investigation and proof of concept to enhance the security of Signal Messenger key management on desktop.

2024-11-20

31.

Why I love Rust for tokenising and parsing

xnacly.me/posts/2024/rust-pldev

Macros, iterators, patterns, error handling and match make Rust almost perfect

2024-11-19

30.

Using Nix to Fuzz Test a PDF Parser (Part One)

mtlynch.io/nix-fuzz-testing-1

Fuzz testing is a technique for automatically uncovering bugs in software. The problem is that it’s a pain to set up. Read any fuzz testing tutorial, and the first task is an hour of building tools from source and chasing down dependencies upon dependencies.
I recently found that Nix eliminates a lot of the gruntwork from fuzz testing. I created a Nix configuration that kicks off a fuzz testing workflow with a single command.

2024-10-18

27.

Optimizing Mandelbrot Generation with SIMD

bumbershootsoft.wordpress.com/2024/01/27/optimizing-mandelbrot-generation-with-simd

2024-09-19

24.

How to Build a Small Solar Power System

solar.lowtechmagazine.com/2023/12/how-to-build-a-small-solar-power-system

This guide explains everything you need to know to build stand-alone photovoltaic systems that can power almost anything you want.

2024-09-12

23.

Computational Journalism | At the Tow Center for Digital Journalism

compjournalism.com

The course is a hands-on, research-level introduction to the areas of computer science that have a direct relevance to journalism, and the broader project of producing an informed and engaged public $100 installment loan. We study two big ideas: the application of computation to produce journalism (such as data science for investigative reporting), and journalism about areas that involve computation (such as the analysis of credit scoring algorithms.)

2024-09-07

18.

About

www.braggoscope.com/about

Explore the In Our Time archive.

17.

Elixir Dev Environment With Nix Flakes

www.mathiaspolligkeit.com/elixir-dev-environment-with-nix-flakes

In a previous article, I described how to set use Nix and Niv to configure an Elixir dev environment. This setup can be simplified by using Nix flakes instead of Niv.

2024-09-02

15.

Timeseries Indexing at Scale - Artem Krylysov

artem.krylysov.com/blog/2024/06/28/timeseries-indexing-at-scale

2024-08-29

14.

Overloaded fields, type safety, and you

educatedguesswork.org/posts/text-type-safety

The underlying problem we are facing here with all these examples is the same: having the same set of bits which can mean two different things and needing some way to distinguish those two meanings. Failure to do so leads to ambiguity at best and serious defects at worst. That's why you see so much emphasis in modern systems on type safety and on strict domain separation between different meanings.

2024-07-31

12.

Revealing the Inner Structure of AWS Session Tokens

medium.com/@TalBeerySec/revealing-the-inner-structure-of-aws-session-tokens-a6c76469cba7

TL;DR: A world first reverse engineering analysis of AWS Session Tokens. Prior to our research these tokens were a complete black box…

2024-07-28

8.

Windows Security best practices for integrating and managing security tools | Microsoft Security Blog

www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools

We examine the recent CrowdStrike outage and provide a technical overview of the root cause.

2024-07-15

7.

Calculating Position from Raw GPS Data | Telesens

www.telesens.co/2017/07/17/calculating-position-from-raw-gps-data

2024-07-04

5.

Finding near-duplicates with Jaccard similarity and MinHash - Made of Bugs

blog.nelhage.com/post/fuzzy-dedup