Articles

  • Upspin - seems to be a new file system from Google aimed at secure distributed storage. The main aim of the file system is to be secure and not fast.
  • Linux Insides Book - is a very good online resource if you want to read more about the detailed internals of how Linux actually works. It starts from the initial boot process and goes deep into how each component in the boot process is initialized. It then covers all the primitives and core subsystems of Linux like interrupts, system calls, synchronization, timers, memory management. A highly recommended read for those who want to get to know how Linux works.
  • Samsung Knox is the next generation security platform for Android phones that exists today only in Samsung smartphones. This is a very interesting read for those who are interested in cutting edge systems security and would like to know what Samsung is doing to protect your phones. The article dives deep into the workings of the Realtime Kernel Protection (RKP) and how engineers at Google were able to break the security provided by it.
  • CloudBleed - A very interesting cloud-based memory corruption vulnerability was found in the services of a major cloud CDN provider, Cloudflare. It leaked information from memory due to an improper bounds check in one of Cloudflare’s proxy servers. It turns out to have revealed everything from passwords to personal information and other user session data for Cloudflare’s customers (which comprise a HUGE list of very common websites including DigitalOcean, Stack Overflow, Medium etc.). Here is a list of websites that were potentially affected by this vulnerability as they use Cloudflare’s affected services. TheHackerNews has a very good post with details about the vulnerability.
  • Google Research recently broke the SHA-1 hashing algorithm, which means software using it as a mechanism for integrity checks can be fooled into accepting a different file with the same SHA-1 hash. They released two different PDF files which result in the same hash using SHA-1.
  • RedHat blog has a good list of memory protection mechanisms in the GNU GCC toolchain which provide security and memory safety from either programming errors or malicious attacks.
  • Intro to WebAssembly - A very approachable set of articles about what JIT and WebAssembly are. Written in easy to understand language and very informative at the same time.
  • Some very good advice from CIA about DOs and DONTs for your applications’ security. Helps build up a security mindset for any general software developer.
  • This is a small primer to refresh your JS knowledge by Mozilla.
  • New types in Python - A great list of some new Python data types added in the standard library in the new 3.5/3.6 versions.
  • A nice article on how to limit the size of the data read by a GET request when using the requests library in Python. This article was about how the author wanted to stop his web crawler from downloading a web page that was giving out an infinite stack of PHP error messages, causing the crawling program to finally run out of memory.
  • A good list of Python asynchronous frameworks and how they stand against the new asyncio library in the Python Standard Library. This article talks about the latest web frameworks that exist today in Python and gives a little detail about the various primitives that they use to achieve better performance than asyncio.
  • An excellent guide on defensive bash programming. Also, this is a guide from Google for bash programming style. If you are at it, writing some bash programs, there is a linter that you can use to check your programs.
  • “Why Johnny Can’t Encrypt” -
  • An opinionated post about how Signal works and is supposed to work.
  • Jessie Frazelle talks about why containers are still not a valid replacement as a sandbox. This blog talks about several shortcomings in Linux containers and how she has been working to improve the situation. It also points to some other awesome work being done in the same area. Subgraph OS sounds like a very interesting concept and I would love to explore it more.
  • Testing Exim - A very useful wiki to test if your exim installation is working properly.
  • Writing Systemd Units - A nice tutorial about some basics and a brief look into advanced features of systemd units and how to write one for yourself. When explained in a systematic manner it looks surprisingly easy to write one myself.
  • Deprecated Linux Commands - A list of deprecated Linux commands that I didn’t know were abandoned in favor of some other new commands. A must look if you haven’t updated your command vocabulary for a long time.
  • Looking for a home server? Tai Ratcliff talks here about the reasons he went with a Supermicro server instead of Intel NUC for a home lab. I will probably consider buying one for myself too someday!
  • Semantic versioning your software releases. Learn why versioning is important in the software development lifecycle and how you should do it so that half of the internet doesn’t break because automated deployment tools pulled your incompatible release 😉
  • Simple Visor