About Me

My name is Steve. I am a Principal Engineer at Relativity and an Adjunct Professor of Software Engineering at DePaul University.

My primary area of responsibility at Relativity is the storage system behind RelativityOne, Relativity’s cloud-based software-as-a-service e-Discovery product. I have designed and implemented a number of components in both the structured (SQL) and unstructured (object / file) storage backends. Before Relativity, I worked in the financial industry for 15 years, primarily for the financal research firm Morningstar. I am a CFA charterholder, but I rarely use these skills professionally nowadays.

At DePaul, I teach three courses: SE 480: Software Architecture I, SE 457: Service-Oriented Architecture, and SE 441: Continuous Delivery and DevOps. I have been teaching at DePaul since 2017.

For more about my professional history, please visit my LinkedIn profile.

I have blogged on-and-off since 2004. Over the last 15+ years, I have published a number of blog post series and projects on this website. I also have a number of open source projects on GitHub.

Recent Blog Posts

Tuesday 2024-05-21 Assorted Links
Assorted Links links
Published: 2024-05-21
Tuesday 2024-05-21 Assorted Links

Assorted links for Tuesday, May 21:

  1. Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
  2. Building your C++ Code with CMake in VS Code
  3. Pure Virtual C++ 2024 Recordings Now Available
  4. Microsoft launches AI chatbot for spies
  5. Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion
  6. Major ChatGPT-4o update allows audio-video talks with an “emotional” AI chatbot
  7. Before launching, GPT-4o broke records on chatbot leaderboard under a secret name
  8. AI in Gmail will sift through emails, provide search summaries, send emails
  9. MIT students stole $25M in seconds by exploiting ETH blockchain bug, DOJ says
  10. The Rise of Large-Language-Model Optimization
Monday 2024-05-20 Assorted Links
Assorted Links links
Published: 2024-05-20
Monday 2024-05-20 Assorted Links

Assorted links for Monday, May 20:

  1. Microsoft plans to lock down Windows DNS like never before. Here’s how.: The framework is called Zero Trust DNS (ZTDNS)
  2. An informal comparison of the three major implementations of std::string
  3. “Unprecedented” Google Cloud event wipes out customer account and its backups
  4. Slack Is Using Your Private Conversations to Train Its AI
  5. Cloudflare Praises Golang PGO For Significant CPU Savings
  6. Torvalds Voices Thoughts On Linux Mitigating Unexpected Arithmetic Overflows/Underflows
  7. IO-uring Bringing Better Send Zero-Copy Performance With Linux 6.10
  8. Microsoft Engineer Ports EXT2 File-System Driver To Rust
  9. Secure Randomness in Go 1.22
  10. FUSE passthrough for file I/O
Friday 2024-05-10 Assorted Links
Assorted Links links
Published: 2024-05-10
Friday 2024-05-10 Assorted Links

Assorted links for Friday, May 10:

  1. How an empty S3 bucket can make your AWS bill explode
  2. MemoryDB: Speed, Durability, and Composition.
  3. Best practices for monitoring ML models in production
  4. New Microsoft AI model may challenge GPT-4 and Google Gemini
  5. Novel attack against virtually all VPN apps neuters their entire purpose
  6. Hackers discover how to reprogram NES Tetris from within the game
  7. Storage Churn: Some thoughts on alternative cloud storage services
  8. Was There A Trojan Horse Hidden In Section 230 All Along That Could Enable Adversarial Interoperability?
  9. Why choose sum types over exceptions?
  10. Fixing retries with token buckets and circuit breakers
Thursday 2024-05-09 Assorted Links
Assorted Links links
Published: 2024-05-09
Thursday 2024-05-09 Assorted Links

Assorted links for Thursday, May 9:

  1. Dependabot on GitHub Actions and self-hosted runners is now generally available
  2. Speeding up C++ build times
  3. Why OpenAI Replaced ChatGPT Plugins With GPTs
  4. Making an Application More Robust With Data Mapping
  5. The business of wallets

    Regulators strongly prefer that deposits stay within the regulated banking sector. The single largest reason is that they’re worried that households’ immediately accessible stored funds stay safe and accessible. A major follow-up reason, less understood by non-specialists, is that regulated banks are bound to a long list of consumer protection items on the transaction level, not the institution level. A lot of the abuse in the economy happens in $50 and $5,000 increments, rather than multi-billion dollar increments. Regulators sleep happier knowing that this abuse happens at companies with teams of operators standing. Those operators will groan and chalk a disputed transaction, instance of fraud, or glitch in the matrix up to the operational losses budget rather than sticking a user with it.

  6. How we built Text-to-SQL at Pinterest
  7. Minimizing on-call burnout through alerts observability
  8. What Is Amazon Resource Name (ARN)?
  9. OpenTelemetry Best Practices #1: Naming
  10. OpenTelemetry Best Practices #2 Agents, Sidecars, Collectors, Coded Instrumentation
Wednesday 2024-05-08 Assorted Links
Assorted Links links
Published: 2024-05-08
Wednesday 2024-05-08 Assorted Links

Assorted links for Wednesday, May 8:

  1. Development Containers Simplified
  2. Highlights from Git 2.45
  3. systemd Rolling Out run0 As sudo Alternative: From what I can tell from the summary, run0 should be more secure than sudo
    • Detailed commentary from Lennart Poterring is here
  4. What we need to take away from the XZ Backdoor
  5. Get started with the latest updates for Dockerfile syntax (v1.7.0)
  6. MSVC Address Sanitizer adoption in .NET’s CoreCLR: I want to use significantly more static and dynamic analysis in my occasional C++ use
  7. Visual Studio features for C++ Header Files and Modules
  8. How to audit data modifications with surgical precision
  9. Storing energy with compressed air is about to have its moment of truth
  10. Introducing Artifact Attestations–now in public beta
Tuesday 2024-05-07 Assorted Links
Assorted Links links
Published: 2024-05-07
Tuesday 2024-05-07 Assorted Links

Assorted links for Tuesday, May 7:

  1. Streamline your container build and publish with .NET 8
  2. Building a scalable gateway with .NET for Microsoft AI
  3. Profiling Docker Compose services through Visual Studio
  4. Refactor your C# code with primary constructors
  5. What’s new for .NET in Ubuntu 24.04
  6. Secure your container build and publish with .NET 8
  7. Silent, brokered authentication on Windows with the Azure Identity libraries
  8. Vendor-Locked DevOps Strategies: Personally I think vendor lock-in is mostly overblown.
  9. 4 ways GitHub engineers use GitHub Copilot
  10. The Performance Impact of C++’s final Keyword: tl;dr, final isn’t always faster, and modern CPU performance defies intuition so always test & measure.
Monday 2024-05-06 Assorted Links
Assorted Links links
Published: 2024-05-06
Monday 2024-05-06 Assorted Links

Assorted links for Monday, May 6:

  1. It’s About Time!: Some discussions about the use of time in system designs.
  2. BPFAgent: eBPF for Monitoring at DoorDash
  3. Best practices to prevent alert fatigue
  4. Streamlining and Implementing Incident Management at Dyninno
  5. What is Platform Engineering? by Gartner
  6. Inside the gamedays: how we tested Signals for reliability
  7. The Making of VES: the Cosmos Microservice for Netflix Video Encoding
  8. Researchers make a plastic that includes bacteria that can digest it
  9. Review of the Summer 2023 Microsoft Exchange Online Intrusion by the Cyber Safety Review Board
  10. How G.M. Tricked Millions of Drivers Into Being Spied On (Including Me)
Friday 2024-04-26 Assorted Links
Assorted Links links
Published: 2024-04-26
Friday 2024-04-26 Assorted Links

Assorted links for Friday, April 26:

  1. Apache DataSketches: A software library of stochastic streaming algorithms
  2. Sysdig 2022 Cloud-Native Security and Usage Report: Stay on Top of Risks as You Scale
  3. validkube: Validkube combines the best open-source tools to help ensure Kubernetes YAML best practices, hygiene & security
  4. Best Practices for Running Stateful Applications on Kubernetes
  5. The Twelve-Factor App
  6. Multi-Runtime Microservices Architecture
  7. What Comes after Microservices? Multi-Runtime Microservices with Bilgin Ibryam at QCon London
  8. Microservices guru warns devs that trendy architecture shouldn’t be the default for every app, but ‘a last resort’
  9. Istio as an Example of When Not to Do Microservices
  10. Zhamak Dehghani on Data Mesh, Domain-Oriented Data, and Building Data Platforms
Thursday 2024-04-25 Assorted Links
Assorted Links links
Published: 2024-04-25
Thursday 2024-04-25 Assorted Links

Assorted links for Thursday, April 25:

  1. Onboarding SLOs for Salesforce services
  2. Curiefense: An application security platform
  3. It’s always DNS… except when it’s not: A deep dive through gRPC, Kubernetes, and AWS networking
  4. Set up a Terraform Pipeline with GitHub Actions and GitHub OIDC for AWS
  5. Improving software supply chain security with tamper-proof builds
  6. How Netflix Content Engineering makes a federated graph searchable
  7. The complete guide to protecting your APIs with OAuth2 (part 1)
  8. How to Use Docker to Containerize Java Web Applications: Tutorial for Beginners
  9. Detecting silent errors in the wild: Combining two novel approaches to quickly detect silent data corruptions at scale
  10. Awesome C: A curated list of C good stuff
Wednesday 2024-04-24 Assorted Links
Assorted Links links
Published: 2024-04-24
Wednesday 2024-04-24 Assorted Links

Assorted links for Wednesday, April 24:

  1. Pharos: The Observability Platform at Workday
  2. How We Halved Go Monorepo CI Build Time
  3. DevOps and Cloud InfoQ Trends Report – June 2022
  4. SLSA: Securing the Software Supply Chain
  5. AWS Security Maturity Model
  6. Uncurled – everything I know and learned about running and maintaining Open Source projects for three decades.
  7. .bazelrc flags you should enable
  8. OpenFeature: Standardizing Feature Flagging for Everyone
  9. Building a Platform for Serving Recommendations at Etsy
  10. Observability 4 JVM Frameworks with Grafana in Java and Kotlin