An open-source, eBPF-accelerated BNG that runs directly on OLT hardware - eliminating expensive centralised appliances

There are thousands of options in NixOS, but as users, we usually only interact with a select few of them. Despite that, a huge amount of those options does influence the final result in some way. Have you ever wondered which of them were actually relevant for your specific system?

Last year, I came agross a Linux kernel feature called TCG_TPM2_HMAC. It claims to detect or prevent active and passive interposer attackers.
It all sounds really great. We should care about interposer adversaries. It’s great to use the TPM features that were invented to help us with these problems.

Poettering said that he does have a vision for how all of the security-related pieces of systemd are meant to fit together. He wanted to use his talk to explain ""how the individual security-related parts of systemd actually fit together and why they exist in the first place"".

[...] hard-learned patterns to write more defensive Rust code, learned throughout years of shipping Rust code to production. I’m not talking about design patterns here, but rather small idioms, which are rarely documented, but make a big difference in the overall code quality.

Achieving high-performance asynchronous Rust projects transcends mere usage of the async/await syntax; it fundamentally relies on a deep understanding of the underlying task scheduling, lock optimization, and architecture design principles.

Pipes are ubiquitous in Unix --- but how fast can they go on Linux? In this post we'll iteratively improve a simple pipe-writing benchmark from 3.5GiB/s to 65GiB/s, guided by Linux perf.

This is a tutorial on how to build a digital implementation of a 2nd-order, continuously-variable filter (i.e. one where you can change the parameters runtime) that has dynamic behaviour that mimics an analogue filter.

This post can be considered an advanced Zig tutorial. I will be covering some of the more unique
aspects of the language, but won't be explaining the easy part. If you haven't read the Zig
Language Reference, you might start there. Additionally,
we will also learn the foundational trick for implementing relational model.

Last week, I built a tiny Linux system from scratch, and booted it on my laptop!

Discrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.

Commentary on software, robotics, and computer vision.

Web browsers are ubiquitous, but how do they work? This book explains, building a basic but complete web browser, from networking to JavaScript, in a couple thousand lines of Python.

This guide explains everything you need to know to build stand-alone photovoltaic systems that can power almost anything you want.

Below is a list of some lessons I’ve learned as a distributed systems engineer that are worth being told to a new engineer. Some are subtle, and some are surprising, but none are controversial. This list is for the new distributed systems engineer to guide their thinking about the field they are taking on. It’s not comprehensive, but it’s a good beginning.

In this article we build off what we’ve already learned about io_uring and extend that to build an async echo server.

We examine the recent CrowdStrike outage and provide a technical overview of the root cause.

Talk from POSETTE conference