A fresh take on typesetting

When it comes to security, we care about limiting access of each entity of a system to as few other entities as possible. Network input, executables and users must be able to reach only those resources, which are necessary to perform the defined server tasks. Principle of least priviledge.

Generally, it's better to implement as many layers of security as possible. Although, there is no way to make a server 100% bullet proof - it's a huge endless topic, this article covers some feasible essential systemd tunables that give us a layer of protection.

Abstract: Polymorphic inline caches (PICs) provide a new way to reduce the overhead of polymorphic message sends by extending inline caches to include more than one cached lookup result per call site. For a set of typical object-oriented SELF programs, PICs achieve a median speedup of 11%.

Analyze how a Git repo grows over time

See how I use it:

• https://mycorrhiza.wiki/hypha/git_of_theseus

Introspectable and extensible IDEs with logic programming

In this blog post we explore how to write a type level contains operation for HList inspired type lists without running into overlapping trait implementations

Explanation of provenance, uninitialized memory and stuff like that. Useful as an entry point into realization that we don’t live in PDP-11 world anymore.

To Mock a Mockingbird and Other Logic Puzzles: Including an Amazing Adventure in Combinatory Logic is a book by the mathematician and logician Raymond Smullyan. It contains many nontrivial recreational puzzles of the sort for which Smullyan is well known. It is also a gentle and humorous introduction to combinatory logic and the associated metamathematics, built on an elaborate ornithological metaphor.

Life is hard. Some days are at the absolute limit of what we can manage. Some days are worse than that. Eating—picking a meal, making it, putting it into your facehole—can feel like an insurmountable challenge. We wrote this cookbook to share our coping strategies. It has recipes to make when you’ve worked a 16-hour day, when you can’t stop crying and you don’t know why, when you accidentally woke up an Eldritch abomination at the bottom of the ocean. But most of all, this cookbook exists to help Sad Bastards like us feel a little less alone at mealtimes.

tl;dr: /dev/random is obsolete and /dev/urandom is strictly better except in early boot.

Presented in an experimental mnemonic medium that makes it almost effortless to remember what you read

Colmena is a simple, stateless NixOS deployment tool modeled after NixOps and morph, written in Rust. It's a thin wrapper over Nix commands like nix-instantiate and nix-copy-closure, and supports parallel deployment.

Simple, fast, and green CI and caching for nix projects

It turns out that finite state machines are useful for things other than expressing computation. Finite state machines can also be used to compactly represent ordered sets or maps of strings that can be searched very quickly.

In August 2015 the U.S. National Security Agency (NSA) released a major policy statement on the need for post-quantum cryptography (PQC). This announcement will be a great stimulus to the development, standardization, and commercialization of new quantum-safe algorithms. However, certain peculiarities in the wording and timing of the statement have puzzled many people and given rise to much speculation concerning the NSA, elliptic curve cryptography (ECC), and quantum-safe cryptography. Our purpose is to attempt to evaluate some of the theories that have been proposed.

Fourier transforms are a tool used in a whole bunch of different things. This is a explanation of what a Fourier transform does, and some different ways it can be useful.

If you're curious about rainbows, colorimetry, gamma encoding, and experiments run in the late 1920s, then this is the post for you!

A free book about atomics and locks that also serves as a nice cheatsheet for x86_64, aarch64 and futexes.

What if everything you think you know about addiction is wrong? One of Johann Hari’s earliest memories is of trying to wake up one of his relatives and not be able to. As he grew older, he realized he had addiction in his family.

A lot about sockets, syscalls and bits

SimpleX Chat - a private and encrypted messenger without any user IDs (not even random ones)! Make a private connection via link / QR code to send messages and make calls.

The new Riptide garbage collector in WebKit leads to a five-fold improvement in latency in the JetStream/splay-latency test.

It’s extremely important to make sure your OAuth implementation is secure. The fix is just one line of code away. We sincerely hope the information shared in our blog post series will help prevent major online breaches and help web service owners better protect their customers and users.

WebKit's FTL JIT now uses a new backend on OS X — the Bare Bones Backend, or B3 for short, replaces LLVM as the low-level optimizer.

Designed to bring aggressive C-like optimizations to the largest variety of JavaScript programs.

TIS-100 is an open-ended programming game by Zachtronics, the creators of SpaceChem and Infinifactory, in which you rewrite corrupted code segments to repair the TIS-100 and unlock its secrets. It’s the assembly language programming game you never asked for!

Fling, jet, grapple and roll through a psychedelic world as you experience the bizarre mating rituals of alien jellyfish. You'll need careful timing and strategy to explore every cleft and cranny in this chill but challenging 1-button arcade game.

Supports a lot of fun stuff, maybe worth trying.

A recording debugger promising to “reduce the debugging time dramatically”.

An example of false sharing in real-ish workload.

Series of posts about how make C++ exceptions fast.

A website/game that allows you to create some DNS entries and see what happens.

Explore a Rust implementation of the persistence mechanism behind message-queues and write-ahead-logs in databases. Embark on a journey from the theoretical underpinnings to a production grade implementation of the segmented-log data structure.

Trustfall is a query engine for querying any kind of data source, from APIs and databases to any kind of files on disk.