Bookmarks

106 bookmarks saved.

Place where goldstein dumps his links so she doesn’t have 500 tabs ever again.

Tags are structured like this:

  • is- tags are about medium. Books, papers, blog posts, interactive explanations etc.

  • about- tags are about about. What’s this post topic or what’s this project is/for.

  • to- tags are about reason. Why did I even save this?

  • for- tags are about connections. Where can I use it?

How to manipulate curve standards: a white paper for the black hat

bada55.cr.yp.to/bada55-20150927.pdf

A paper about choosing “nothing-up-my-sleeve” numbers while having stuff up your sleeve.

about-security,is-paper,to-show

The little ssh that (sometimes) couldn't

mina.naguib.ca/blog/2012/10/22/the-little-ssh-that-sometimes-couldnt.html

A fascinating tale about network problems.

about-networking,is-blog,to-show

Learning Async Rust With Entirely Too Many Web Servers

ibraheem.ca/posts/too-many-web-servers

A nice explanation of async that’s not about “threads slow”, but rather about how async as an abstraction emerges from sensible design decisions.

about-rust,is-blog,to-show

Shapecatcher

shapecatcher.com

Allows you to find Unicode characters by drawing them.

about-text,about-tools,is-project,to-show

A universal lowering strategy for control effects in Rust

www.abubalay.com/blog/2024/01/14/rust-effect-lowering

The Rust language has incrementally grown a set of patterns to support control-flow effects including error handling, iteration, and asynchronous I/O. In The registers of Rust, boats lays out four aspects of this pattern shared by Rust’s three effects. Today these effects are typically used in isolation, or at most combined in bespoke ways, but the Rust project has been working on ways to integrate them more deeply with each other, such as async gen blocks.

The theory of algebraic effects and handlers has explored this design space and offers answers to many of the questions that the Rust project has encountered during this work. This post will relate the patterns employed by Rust to the terminology and semantics of effects, to help build a shared vocabulary and understanding of the implications of combining multiple effects.

about-compilers,about-rust,is-blog,to-show

voidlizard/hbs2: P2P CAS / P2P Framework / Distributed GIT

github.com/voidlizard/hbs2

A distributed network that allows you to add host-independent repo identifier as a git origin. Looks like it worth a try, especially with sr.ht being down and Codeberg half-broken because of a DDoS attack.

about-networking,about-tools,about-vcs,is-repo,to-try

ast-grep | structural search/rewrite tool for many languages

ast-grep.github.io

Treesitter-based AST search-and-replace. Supports lints via saved patterns, LSP diagnostics + quick fixes and a regular CLI. Sounds pretty cool for custom lints.

about-langs,about-tools,is-project,to-try

Compromising a Linux desktop using... 6502 processor opcodes on the NES?!

scarybeastsecurity.blogspot.com/2016/11/0day-exploit-compromising-linux-desktop.html

gstreamer-plugins-bad includes a NES 6502 emulator, which was vulnerable to RCE.

about-security,is-blog,to-show

features are faults

flak.tedunangst.com/post/features-are-faults

Review of many different software vulnerabilities caused by obscure undertested (mis-)features.

A modern web browser is the software equivalent of Gabriel’s Horn. Finite volume, but infinite attack surface.

about-security,is-blog,to-show

Speculation in JavaScriptCore

www.webkit.org/blog/10308/speculation-in-javascriptcore

This post is all about speculative compilation, or just speculation for short, in the context of the JavaScriptCore virtual machine.

about-compilers,about-low-level,is-blog,to-show

So you want custom allocator support in your C library

nullprogram.com/blog/2023/12/17

Some thoughts on custom allocator interfaces with nice examples.

about-low-level,is-blog,to-archive,to-show

Performance of WebAssembly (WASM) runtimes in 2023

00f.net/2023/01/04/webassembly-benchmark-2023

Comparison between different runtimes and with native code.

about-compilers,about-tools,is-blog,to-archive,to-show

The Generic Dilemma

research.swtch.com/generic

The generic dilemma is this: do you want slow programmers, slow compilers and bloated binaries, or slow execution times?

No generics / monomorphization / dynamic dispatch

about-compilers,about-langs,is-blog,to-show

mfio: Completion I/O for Everyone

blaz.is/blog/post/mfio-release

Another take on io_uring in Rust. Doesn’t bring its own runtime, instead choosing to integrate with tokio.

about-rust,is-project,to-try

Pinning all system calls in OpenBSD

marc.info/?l=openbsd-tech&m=170205367232026&w=2

How OpenBSD prohibited all syscalls from unknown locations.

about-low-level,about-security,is-blog,to-show

FireDBG: Time Travel Visual Debugger for Rust

firedbg.sea-ql.org

Looks really cool. I wonder what’s inside.

about-rust,about-tools,for-memequeue,is-project,to-try

prr: Review GitHub PRs from local editor

dxuuu.xyz/prr.html
about-tools,about-vcs,is-project,to-try

Software Transactional Memory: Clojure vs. Haskell

leftfold.tech/posts/pie-a-la-mode/#fnref-2

A nice overview of STM primitives.

about-programming,is-blog,to-read

Execution in the Kingdom of Nouns

steve-yegge.blogspot.com/2006/03/execution-in-kingdom-of-nouns.html

About why free functions are important. I find verb/noun framework from this article quite useful.

about-langs,is-blog,to-show

Designing a SIMD Algorithm from Scratch

mcyoung.xyz/2023/11/27/simd-base64/#fnref:pad-with-A

A nice post about SIMD algorithms using Rust’s portable SIMD as an example.

about-low-level,is-blog,to-read

nix-std: no-nixpkgs standard library for the nix expression language

github.com/chessai/nix-std
about-nix,is-repo,to-try

Semantic fuzzing of the Rust compiler and interpreter

ethz.ch/content/dam/ethz/special-interest/infk/inst-pls/plf-dam/documents/StudentProjects/MasterTheses/2023-Andy-Thesis.pdf

A very nice paper about fuzzing Rust compiler by generating custom MIR. Found some bugs in both rustc and LLVM, but notably not in Cranelift.

about-compilers,about-rust,is-paper,to-show

jaq: A jq clone focussed on correctness, speed, and simplicity

github.com/01mf02/jaq
about-tools,is-repo,to-try

Friends don't let friends make certain types of data visualization

github.com/cxli233/FriendsDontLetFriends

This is an opinionated essay about good and bad practices in data visualization. Examples and explanations are below.

about-humans,about-math,about-tools,is-blog,to-read,to-show

Linus Torvalds about spinlocks and locking in general

www.realworldtech.com/forum/?threadid=189711&curpostid=189723
about-low-level,for-memequeue,is-blog,to-read

Efficient Userspace Optimistic Spinning Locks

lpc.events/event/4/contributions/286/attachments/225/398/LPC-2019-OptSpin-Locks.pdf

How to spin before sleeping so that it actually helps and not harms?

about-low-level,for-memequeue,is-paper,to-read

Mutexes Are Faster Than Spinlocks

matklad.github.io/2020/01/04/mutexes-are-faster-than-spinlocks.html

Microbenchmark for futexes + spinlocks and some useful links at the bottom.

about-low-level,about-rust,for-memequeue,is-blog,to-show

Spinlocks Considered Harmful

matklad.github.io/2020/01/02/spinlocks-considered-harmful.html

Because spin locks are so simple and fast, it seems to be a good idea to use them for short-lived critical sections. For example, if you only need to increment a couple of integers, should you really bother with complicated syscalls? In the worst case, the other thread will spin just for a couple of iterations…
Unfortunately, this logic is flawed! A thread can be preempted at any time, including during a short critical section. If it is preempted, that means that all other threads will need to spin until the original thread gets its share of CPU again. And, because a spinning thread looks like a good, busy thread to the OS, the other threads will spin until they exhaust their quants, preventing the unlucky thread from getting back on the processor!

about-low-level,about-rust,is-blog,to-show

Lambda calculus - Combinatory Logic

theory.stanford.edu/~blynn/lambda/cl.html

Variables are the trickiest part of lambda calculus. And naming is the trickiest part of variables: the most complex code in our lambda evaluator is the part that renames variables to perform capture-avoiding substitutions.
Names are artificial tedious tags whose sole purpose is to aid human comprehension. Can we get rid of them? There ought to be a way to study computation without naming names.

about-math,about-programming,is-blog,is-interactive,to-read

Surprisingly Slow

gregoryszorc.com/blog/2021/04/06/surprisingly-slow

This is the closing-file-handles-on-Windows post.

I'm titling this post Surprisingly Slow because the slowness was either surprising to me or the sub-optimal practices leading to slowness are prevalent enough that I think many programmers would be surprised by their existence.

about-programming,about-rust,is-blog,to-show

netaddr.IP: a new IP address type for Go

tailscale.com/blog/netaddr-new-ip-type-for-go

The Go standard library’s net.IP type is problematic for a number of reasons. We wrote a new one.

This post explores some problems with Go’s “simplicity by design”: introducing a better IP type that’s also interoperable with the language proves to be a non-trivial challenge.

about-langs,about-networking,is-blog,to-show

Distributed Proofreaders

www.pgdp.net/c

Distributed Proofreaders provides a web-based method to ease the conversion of Public Domain books into e-books. By dividing the workload into individual pages, many volunteers can work on a book at the same time.

about-humans,is-project,to-try

Game: OVERFLOW

punkx.org/overflow

The [board] game is about creating a small shellcode in memory by copying existing instructions and then exploiting a buffer overflow to jump into it, so that you can overwrite your opponent’s return address to force them to go to the game_over() function.There are other mechanics as well and more layers of strategy (like setting the exception handler or monkeypatching).

about-low-level,is-game,to-try

Sapiens: A Brief History of Humankind

en.wikipedia.org/wiki/Sapiens:_A_Brief_History_of_Humankind

The book, focusing on Homo sapiens, surveys the history of humankind, starting from the Stone Age and going up to the twenty-first century. The account is situated within a framework that intersects the natural sciences with the social sciences.

about-humans,is-book,to-read

git-revise

git-revise.readthedocs.io/en/latest

Faster and simpler git rebase.

about-vcs,for-job,is-project,to-try

Calculus Made Easy

calculusmadeeasy.org
about-math,is-book,to-read

Measuring Mutexes, Spinlocks and how Bad the Linux Scheduler Really is

probablydance.com/2019/12/30/measuring-mutexes-spinlocks-and-how-bad-the-linux-scheduler-really-is

This blog post is one of those things that just blew up. From a tiny observation at work about odd behaviors of spinlocks I spent months trying to find good benchmarks, (still not entirely successful) writing my own spinlocks, mutexes and condition variables and even contributing a patch to the Linux kernel. The main thing I’ll try to answer is to give some more informed guidance on the endless discussion of mutex vs spinlock. Besides that I found that most mutex implementations are really good, that most spinlock implementations are pretty bad, and that the Linux scheduler is OK but far from ideal. The most popular replacement, the MuQSS scheduler has other problems instead. (the Windows scheduler is pretty good though)

about-low-level,for-memequeue,is-blog

nand2tetris

www.nand2tetris.org

The site contains all the lectures, project materials and tools necessary for building a general-purpose computer system and a modern software hierarchy from the ground up.

about-low-level,about-programming,is-book,is-game,to-try

how I think when I think about programming

www.alicemaz.com/writing/program.html

a whirlwind tour through the guts of the system

about-programming,is-blog,to-read

Dungeons and Discourse Third Edition: The dialectic continues

slatestarcodex.com/2013/02/22/dungeons-and-discourse-third-edition-the-dialectic-continues

Dungeons and Dragons, but about philosophy.

is-game,to-show

Let's Build a Cargo Compatible Build Tool

ductile.systems/freight-part-1

Tutorial about building a self-hosting cargo-compatible build tool. I have many problems with cargo and was interested in nixifying our job builds for eternity, so maybe there’s something useful there.

about-rust,for-job,is-blog,to-read

Bootstrapping with FORTH

compilercrim.es/bootstrap

What if all software suddenly disappeared? What's the minimum you'd need to bootstrap a practical system? I decided to start with a one sector (512-byte) seed and find out how far I can get.

about-compilers,about-low-level,is-blog,to-read

The myrmics memory allocator

citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.1074.2437&rep=rep1&type=pdf

A paper about message-passing memory allocator: could be useful for actor systems.

about-compilers,for-job,is-paper,to-read

Toy Tutorial - MLIR

mlir.llvm.org/docs/Tutorials/Toy

MLIR is an interesting LLVM compiler framework thingy that uses LLVM for multiple representations instead of just high-level assembly.

This tutorial runs through the implementation of a basic toy language on top of MLIR. The goal of this tutorial is to introduce the concepts of MLIR; in particular, how dialects can help easily support language specific constructs and transformations while still offering an easy path to lower to LLVM or other codegen infrastructure. This tutorial is based on the model of the LLVM Kaleidoscope Tutorial.

about-compilers,is-book,to-read

Futexes Are Tricky

dept-info.labri.fr/~denis/Enseignement/2008-IR/Articles/01-futex.pdf

Detailed explanation of futexes, including some possible pitfalls.

about-low-level,for-memequeue,is-paper,to-read

Why's (Poignant) Guide to Ruby

poignant.guide

Ruby tutorial with very unusual and interesting writing style.

about-programming,is-book,to-read

Category Theory Illustrated

abuseofnotation.github.io/category-theory-illustrated

Category Theory Illustrated is a primer in category theory and other mathematical theories that is made to be really accessible to people with no prior exposure to the subject, without being dumbed down, by utilizing visual explanations.

about-math,is-book,to-read

Bots Are Stupid

www.gamingonlinux.com/2022/12/bots-are-stupid-is-an-ultra-precise-programming-platformer

Up for a challenge and love programming? Well it seems that Bots Are Stupid might be a good fit for you. An ultra-precise platformer where you don't directly control things — what could possibly go wrong?

about-programming,is-game,to-try

The Hitchhiker's Guide to Logical Verification

browncs1951x.github.io/static/files/hitchhikersguide.pdf

Book about proofs with Lean.

about-math,about-programming,is-book,to-read

Workarounds to Computer Access in Healthcare Organizations: You Want My Password or a Dead Patient?

www.cs.dartmouth.edu/~sws/pubs/ksbk15-draft.pdf

Paper about how IT in healthcare in general and IT security in particular is done by people who don’t actually use it, listing different problems and workarounds that end up being used in the field.

Sacrificing convenience for security leads you to having neither security nor convenience.

about-security,is-paper,to-show

Modeling graphs in Rust using vector indices

smallcultfollowing.com/babysteps/blog/2015/04/06/modeling-graphs-in-rust-using-vector-indices

Niko’s post about using vectors (≈ arenas) instead of reference counters to model graphs. Explains how it relates to ownership and borrowing.

See also: Handles are the better pointers.

about-rust,is-blog,to-show

Handles are the better pointers

floooh.github.io/2018/06/17/handles-vs-pointers.html

A blog post explaining the “single owner of data, everyone has indices instead of pointers” model. Not actually about Rust per se, just happens to be really useful for Rust.

See also: Modeling graphs in Rust using vector indices.

about-programming,about-rust,is-blog,to-show

No Sane Compiler Would Optimize Atomics

www.open-std.org/jtc1/sc22/wg21/docs/papers/2015/n4455.html

The paper’s claim:

False.

Compilers do optimize atomics, memory accesses around atomics, and utilize architecture-specific knowledge. This paper illustrates a few such optimizations, and discusses their implications.

Interestingly, none of the optimizations proposed in the paper actually work on GCC or Clang.

about-compilers,about-low-level,for-memequeue,is-blog,to-archive

Game: Out of Ctrl

miknugget.itch.io/out-of-ctrl

Push key blocks into their slots to gain control of the qwert. Regain Ctrl (and possible other keys) to get to the get through to the end. There are fourteen levels total. Can you get through them all?

is-game,to-try

Game: Wayfarer

idrellegames.itch.io/wayfarer

You are a Wayfarer. Marked by a complete immunity to magic, Wayfarers travel the world, breaking curses, hunting monsters, and fighting magic when it spins out of control. Their Order, once a powerful presence in the world, is broken, leaving behind only a handful of warriors still bound by their creed.

is-game,to-try

Game: Manifold Garden by William Chyr

williamchyr.itch.io/manifoldgarden

Rediscover gravity and explore a beautiful Escher-esque world of impossible architecture. Geometry repeats infinitely in every direction, and falling down leads you back to where you started. Manipulate gravity to change your perspective and see the world in new ways. Master the rules of the universe and restore a barren world with vegetation and life.

is-game,to-try

The Magic Ring Buffer

fgiesen.wordpress.com/2012/07/21/the-magic-ring-buffer

A first (as far as I know) description of ringbuffer based on two mmaps. I hope to make a better one sometime, but for now this’ll the best explanation I have.

about-low-level,for-memequeue,is-blog,to-show

Nota Language

Reposted nota-lang.org

A fresh take on typesetting

about-langs,is-project,to-read,to-try

Nutshell: make expandable, embeddable explanations

ncase.me/nutshell
about-tools,is-interactive,is-project,to-try

Implementing truly safe semaphores in rust

neosmart.net/blog/implementing-truly-safe-semaphores-in-rust
about-rust,is-blog,to-read

Shufflecake: plausible deniability for multiple hidden filesystems on Linux

shufflecake.net
about-security,about-tools,is-project,to-try

tips for systemd services management and hardening in NixOS

git.selfprivacy.org/alexoundos/articles/src/branch/master/systemd-hardening-in-NixOS/article.md

When it comes to security, we care about limiting access of each entity of a system to as few other entities as possible. Network input, executables and users must be able to reach only those resources, which are necessary to perform the defined server tasks. Principle of least priviledge.

Generally, it's better to implement as many layers of security as possible. Although, there is no way to make a server 100% bullet proof - it's a huge endless topic, this article covers some feasible essential systemd tunables that give us a layer of protection.

about-nix,is-blog,to-read

Optimizing Dynamically-Typed Object-Oriented Languages With Polymorphic Inline Caches

bibliography.selflanguage.org/_static/pics.pdf

Abstract: Polymorphic inline caches (PICs) provide a new way to reduce the overhead of polymorphic message sends by extending inline caches to include more than one cached lookup result per call site. For a set of typical object-oriented SELF programs, PICs achieve a median speedup of 11%.

about-compilers,is-paper,to-read

Laurence Tratt: Why Aren't Programming Language Specifications Comprehensive?

tratt.net/laurie/blog/2023/why_arent_programming_language_specifications_comprehensive.html
about-compilers,is-blog,to-read
1