Assorted Links

Monday 2024-07-15 Assorted Links
Assorted Links links
Published: 2024-07-15
Monday 2024-07-15 Assorted Links

Assorted links for Monday, July 15:

  1. “We’re Living in a Nightmare:” Inside the Health Crisis of a Texas Bitcoin Town
  2. Ubuntu 24.10 To Enable Frame Pointers For More Packages: tl;dr: don’t use -fomit-frame-pointer anymore.
  3. State of Text Rendering 2024
  4. Scalpers Work With Hackers to Liberate Ticketmaster’s ‘Non-Transferable’ Tickets
  5. Exploring the challenges in creating an accessible sortable list (drag-and-drop)
Wednesday 2024-07-03 Assorted Links
Assorted Links links
Published: 2024-07-03
Wednesday 2024-07-03 Assorted Links

Assorted links for Wednesday, July 3:

  1. Error and Transaction Handling in SQL Server: Part One – Jumpstart Error Handling
  2. Error and Transaction Handling in SQL Server: Part Two – Commands and Mechanisms
  3. Error and Transaction Handling in SQL Server: Part Three – Implementation
  4. SLICK: Adopting SLOs for improved reliability

    SLICK can help us locate metric and performance data regarding the reliability of a specific service just by knowing its name. It does this by building an index of onboarded services that link to dashboards with standard visualizations to analyze and assess the service reliability. So, with a single click, it becomes possible to know whether a service currently meets or doesn’t meet user expectations. We can then start asking why.

  5. Using Admission Controllers to Detect Container Drift at Runtime
Tuesday 2024-07-02 Assorted Links
Assorted Links links
Published: 2024-07-02
Tuesday 2024-07-02 Assorted Links

Assorted links for Tuesday, July 2:

  1. How to Measure DevSecOps Success: Key Metrics Explained

    Key DevSecOps metrics:

    1. Number of security vulnerabilities over time
    2. Compliance with security policies
  2. “Energy-smart” bricks need less power to make, are better insulation

    According to the RMIT researchers, “Brick kilns worldwide consume 375 million tonnes (~340 million metric tons) of coal in combustion annually, which is equivalent to 675 million tonnes of CO2 emission (~612 million metric tons).” This exceeds the combined annual carbon dioxide emissions of 130 million passenger vehicles in the US.

  3. Researchers upend AI status quo by eliminating matrix multiplication in LLMs

    In the new paper, titled “Scalable MatMul-free Language Modeling,” the researchers describe creating a custom 2.7 billion parameter model without using MatMul ([matrix multiplication]) that features similar performance to conventional large language models (LLMs). They also demonstrate running a 1.3 billion parameter model at 23.8 tokens per second on a GPU that was accelerated by a custom-programmed FPGA chip that uses about 13 watts of power (not counting the GPU’s power draw). The implication is that a more efficient FPGA “paves the way for the development of more efficient and hardware-friendly architectures,” they write.

  4. Enhancing Netflix Reliability with Service-Level Prioritized Load Shedding

    We implemented a concurrency limiter within PlayAPI that prioritizes user-initiated requests over prefetch requests without physically sharding the two request handlers. This mechanism uses the partitioning functionality of the open source Netflix/concurrency-limits Java library.

  5. Explaining generative language models to (almost) anyone
Monday 2024-07-01 Assorted Links
Assorted Links links
Published: 2024-07-01
Monday 2024-07-01 Assorted Links

Assorted links for Monday, July 1:

  1. The Danger of Atomic Operations

    Most engineers reach for atomic operations in an attempt to produce some lock-free mechanism. Furthermore, programmers enjoy the intellectual puzzle of using atomic operations. Both of these lead to clever implementations which are almost always ill-advised and often incorrect.

  2. What an SBOM can do for you
  3. sched_ext: a BPF-extensible scheduler class (Part 1)

    sched_ext allows you to write and run your custom process scheduler optimized for your target workloads and hardware architectures using BPF programs.

  4. sched_ext: scheduler architecture and interfaces (Part 2)
  5. Leveraging AI for efficient incident response

    We’ve streamlined our investigations through a combination of heuristic-based retrieval and large language model (LLM)-based ranking to provide AI-assisted root cause analysis. During backtesting, this system has achieved promising results: 42% accuracy in identifying root causes for investigations at their creation time related to our web monorepo.

Wednesday 2024-06-26 Assorted Links
Assorted Links links
Published: 2024-06-26
Wednesday 2024-06-26 Assorted Links

Assorted links for Wednesday, June 26:

  1. Speed Up Your CI/CD Pipeline with Change-Based Testing in a Yarn-Based Monorepo: I note that only building and testing what changed is one of the core value propositions of Bazel, but adopting Bazel often requires large investment in engineering and training.
  2. What makes a good REST API?
  3. How to use DORA metrics to improve software delivery
  4. Don’t Get Lost in the Metrics Maze: A Practical Guide to SLOs, SLIs, Error Budgets, and Toil
  5. Static B-Trees

    In this section, we generalize the techniques we developed for binary search to static B-trees and accelerate them further using SIMD instructions. In particular, we develop two new implicit data structures:

    • The first is based on the memory layout of a B-tree, and, depending on the array size, it is up to 8x faster than std::lower_bound while using the same space as the array and only requiring a permutation of its elements.
    • The second is based on the memory layout of a B+ tree, and it is up to 15x faster than std::lower_bound while using just 6-7% more memory — or 6-7% of the memory if we can keep the original sorted array.
Tuesday 2024-06-25 Assorted Links
Assorted Links links
Published: 2024-06-25
Tuesday 2024-06-25 Assorted Links

Assorted links for Tuesday, June 25:

  1. Radioactive drugs strike cancer with precision

    Pluvicto and Lutathera are both built around small protein sequences, known as peptides. These peptides specifically bind to target receptors on cancer cells—PSMA in the case of prostate cancer and somatostatin receptors in the case of Lutathera—and deliver radiation through the decay of unstable lutetium.

    Administered via infusion into the bloodstream, these drugs circulate throughout the body until they firmly attach to the surfaces of tumor cells they encounter. Anchored at these target sites, the lutetium isotope then releases two types of radiation that aid in cancer treatment. The primary emission consists of beta particles, high-energy electrons capable of penetrating tumors and surrounding cells, tearing into DNA and causing damage that ultimately triggers cell death.

  2. Amazon Exploring MM-Local Memory Allocations To Help With Current/Future Speculation Attacks

    Back in 2019 after various speculation-based CPU vulnerabilities began coming to light, Amazon engineers proposed process-local memory allocations for hiding KVM secrets. They were striving for an alternative mitigation for vulnerabilities like L1TF by essentially providing some memory regions for kernel allocations out of view/access from other kernel code. Amazon engineers this week laid out a new proposal after five years of ongoing Linux kernel improvements for MM-local memory allocations for dealing with current and future speculation-based cross-process attacks.

  3. TypeSpec: An API design language that either competes with, or augments, OpenAPI.
  4. Optimize Kubernetes Pods’ Startup Time Using VolumeSnapshots: If your K8S application uses enormous, static data sources, using VolumeSnapshots may speed up its launch time significantly.
  5. Building a GitOps CI/CD Pipeline with GitHub Actions (SOC 2)
Monday 2024-06-24 Assorted Links
Assorted Links links
Published: 2024-06-24
Monday 2024-06-24 Assorted Links

Assorted links for Monday, June 24:

  1. The time smart quotes prevented the entire Office division from committing code
  2. Video annotator: a framework for efficiently building video classifiers using vision-language models and active learning

    We introduce a novel framework, Video Annotator (VA), which leverages active learning techniques and zero-shot capabilities of large vision-language models to guide users to focus their efforts on progressively harder examples, enhancing the model’s sample efficiency and keeping costs low.

    VA seamlessly integrates model building into the data annotation process, facilitating user validation of the model before deployment, therefore helping with building trust and fostering a sense of ownership. VA also supports a continuous annotation process, allowing users to rapidly deploy models, monitor their quality in production, and swiftly fix any edge cases by annotating a few more examples and deploying a new model version.

  3. PVF: A novel metric for understanding AI systems’ vulnerability against SDCs in model parameters

    Parameter vulnerability factor (PVF) is a novel metric we’ve introduced with the aim to standardize the quantification of AI model vulnerability against parameter corruptions.

  4. Keeping main green in a monorepo
  5. Researchers describe how to tell if ChatGPT is confabulating

    …[T]he researchers focus on what they call semantic entropy. This evaluates all the statistically likely answers evaluated by the LLM and determines how many of them are semantically equivalent. If a large number all have the same meaning, then the LLM is likely uncertain about phrasing but has the right answer. If not, then it is presumably in a situation where it would be prone to confabulation and should be prevented from doing so.

Friday 2024-06-21 Assorted Links
Assorted Links links
Published: 2024-06-21
Friday 2024-06-21 Assorted Links

Assorted links for Friday, June 21:

  1. MLow: Meta’s low bitrate audio codec

    After nearly two years of active development and testing, we are proud to announce Meta Low Bitrate audio codec, aka MLow, which achieves two-times-better quality than Opus (POLQA MOS 1.89 vs 3.9 @ 6kbps WB). Even more importantly, we are able to achieve this great quality while keeping MLow’s computational complexity 10 percent lower than that of Opus.

  2. Unlocking the power of unstructured data with RAG

    To make the most of their unstructured data, development teams are turning to retrieval-augmented generation, or RAG, a method for customizing large language models (LLMs). They can use RAG to keep LLMs up to date with organizational knowledge and the latest information available on the web. They can also use RAG and LLMs to surface and extract insights from unstructured data.

  3. LXC vs. Docker: Which One Should You Use?

    LXC is not typically used for application development but for scenarios requiring full OS functionality or direct hardware integration. Its ability to provide isolated and secure environments with minimal overhead makes it suitable for infrastructure virtualization where traditional VMs might be too resource-intensive.

    Docker’s utility in supporting rapid development cycles and complex architectures makes it a valuable tool for developers aiming to improve efficiency and operational consistency in their projects.

  4. AES-GCM and breaking it on nonce reuse
  5. Next-Level Boilerplate: An Inside Look Into Our .Net Clean Architecture Repo

    Clean architecture is a widely adopted opinionated way to structure your code and to separate the concerns of the application into layers. The main idea is to separate the business logic from the infrastructure and presentation layers.

Thursday 2024-06-20 Assorted Links
Assorted Links links
Published: 2024-06-20
Thursday 2024-06-20 Assorted Links

Assorted links for Thursday, June 20:

  1. How we improved push processing on GitHub

    A push triggers a Kafka event, which is fanned out via independent consumers to many isolated jobs that can process the event without worrying about any other consumers.

  2. Leveraging Rust in High-Performance Web Services

    Rust’s ownership model is a fundamental feature that enhances both speed and safety. Every value in Rust has a unique owner, responsible for its cleanup when it’s no longer needed. This eliminates the need for a garbage collector and ensures efficient memory management. The ownership rules are enforced at compile time, which means there’s no runtime overhead.

  3. systemd 256 Released With run0, systemd-vpick, importctl & Other New Features
  4. Maintaining large-scale AI capacity at Meta

    Outside of special cases, Meta maintains its fleet of clusters using a technique called maintenance trains. This is used for all capacity, including compute and storage capacity. A small number of servers are taken out of production and maintained with all applicable upgrades. Trains provide the guarantee that all capacity minus one maintenance domain is up and running 24/7, thus providing capacity predictability. This is mandatory for all capacity that is used for online and recurring training.

  5. How Meta trains large language models at scale
Wednesday 2024-06-19 Assorted Links
Assorted Links links
Published: 2024-06-19
Wednesday 2024-06-19 Assorted Links

Assorted links for Wednesday, June 19:

  1. Arm64 on GitHub Actions: Powering faster, more efficient build systems

    Developers can now take advantage of Arm-based hardware hosted by GitHub to build and deploy their release assets anywhere Arm architecture is used. Best of all, these runners are priced at 37% less than our x64 Linux and Windows runners.

  2. Develop Kubernetes Operators in Java without Breaking a Sweat
  3. The Energy Footprint of Humans and Large Language Models

    Assuming an 8-hour workday and considering 260 workdays per year brings the annual energy cost of one person’s hour of daily work to around 6 kWh[a].

    Now for the energy cost of running an LLM. We have set a target of 250 words in an hour. LLMs generate tokens, parts of words, so if we use the standard ratio (for English) of 0.75 words per token, our target for one hour of work is around 333 tokens. Measurements with Llama 65B reported around 4 Joules per output token [4]. This leads to 1,332 Joules for 333 tokens, about 0.00037 kWh.

  4. Microsoft is reworking Recall after researchers point out its security problems

    Microsoft’s upcoming Recall feature in Windows 11 has generated a wave of controversy this week following early testing that revealed huge security holes. The initial version of Recall saves screenshots and a large plaintext database tracking everything that users do on their PCs, and in the current version of the feature, it’s trivially easy to steal and view that database and all of those screenshots for any user on a given PC, even if you don’t have administrator access. Recall also does little to nothing to redact sensitive information from its screenshots or that database.

    First and most significantly, the company says that Recall will be opt-in by default, so users will need to decide to turn it on. It may seem like a small change, but many users never touch the defaults on their PCs, and for Recall to be grabbing all of that data by default definitely puts more users at risk of having their data stolen unawares.

    The company also says it’s adding additional protections to Recall to make the data harder to access. You’ll need to enable Windows Hello to use Recall, and you’ll need to authenticate via Windows Hello (whether it’s a face-scanning camera, fingerprint sensor, or PIN) each time you want to open the Recall app to view your data.

  5. Building Generative AI apps with .NET 8
Tuesday 2024-06-18 Assorted Links
Assorted Links links
Published: 2024-06-18
Tuesday 2024-06-18 Assorted Links

Assorted links for Tuesday, June 18:

  1. Composable data management at Meta

    By providing a reusable, state-of-the-art execution engine that is engine- and dialect-agnostic (i.e, it can be integrated with any data system and extended to follow any SQL-dialect semantic), Velox quickly received attention from the open-source community. Beyond our initial collaborators from IBM/Ahana, Intel, and Voltron Data, today more than 200 individual collaborators from more than 20 companies around the world participate in Velox’s continued development.

  2. New warp drive concept does twist space, doesn’t move us very fast

    A team of physicists has discovered that it’s possible to build a real, actual, physical warp drive and not break any known rules of physics. One caveat: the vessel doing the warping can’t exceed the speed of light, so you’re not going to get anywhere interesting any time soon. But this research still represents an important advance in our understanding of gravity.

  3. Biggest Windows 11 update in 2 years nearly finalized, enters Release Preview

    Windows 11 24H2 includes an updated compiler, kernel, and scheduler, all lower-level system changes made at least in part to better support Arm-based PCs. Existing Windows-on-Arm systems should also see a 10 or 20 percent performance boost when using x86 applications, thanks to improvements in the translation layer (which Microsoft is now calling Prism).

    There are more user-visible changes, too. 24H2 includes Sudo for Windows, the ability to create TAR and 7-zip archives from the File Explorer, Wi-Fi 7 support, a new “energy saver” mode, and better support for Bluetooth Low Energy Audio. It also allows users to run the Copilot AI chatbot in a regular resizable window that can be pinned to the taskbar instead of always giving it a dedicated strip of screen space.

  4. BitKeeper, Linux, and licensing disputes: How Linus wrote Git in 14 days
  5. Another US state repeals law that protected ISPs from municipal competition

    Minnesota this week eliminated two laws that made it harder for cities and towns to build their own broadband networks. The state-imposed restrictions were repealed in an omnibus commerce policy bill signed on Tuesday by Gov. Tim Walz, a Democrat.

    Minnesota was previously one of about 20 states that imposed significant restrictions on municipal broadband. The number can differ depending on who’s counting because of disagreements over what counts as a significant restriction. But the list has gotten smaller in recent years because states including Arkansas, Colorado, and Washington repealed laws that hindered municipal broadband.

    The Minnesota bill enacted this week struck down a requirement that municipal telecommunications networks be approved in an election with 65 percent of the vote. The law is over a century old, the Institute for Local Self-Reliance’s Community Broadband Network Initiative wrote yesterday.

Monday 2024-06-17 Assorted Links
Assorted Links links
Published: 2024-06-17
Monday 2024-06-17 Assorted Links

Assorted links for Monday, June 17:

  1. General Availability of .NET Aspire: Simplifying .NET Cloud-Native Development

    .NET Aspire brings together tools, templates, and NuGet packages that help you build distributed applications in .NET more easily.

  2. .NET Announcements and Updates from Microsoft Build 2024

    Here’s a look at our updates & announcements:

    • Artificial Intelligence: End-to-end scenarios for building AI-enabled applications, embracing the AI ecosystem, and deep integration with cloud services.
    • .NET Aspire: for building cloud-native distributed applications, releasing today.
    • C# 13: Improvements to much loved C# features to make them even better for you.
    • Performance: Reducing memory and execution time with critical benchmarks.
    • Enhancements to .NET libraries and frameworks including ASP.NET Core, Blazor, .NET MAUI, and more.
  3. We get more useful energy out of renewables than fossil fuels

    A new study by researchers at the UK’s University of Leeds, however, suggests that … renewables already produce more net energy than the fossil fuels they’re displacing. The key to understanding why is that it’s much easier to do useful things with electricity than it is with a hunk of coal or a glob of crude oil.

  4. Docker Documentation Gets an AI-Powered Assistant

    We recently launched a new tool to enhance Docker documentation: an AI-powered documentation assistant incorporating Docker Docs AI is designed to get you the information you need by providing instant, accurate answers to your Docker-related questions directly within our documentation pages.

  5. FUSE Adds VirtIO-FS Multi-Queue For ~5x Performance Win With Linux 6.10

    With making use of multiple queues, the VirtIO-FS file-system code can be up to 5~5.5x faster for read and write performance.

Friday 2024-06-14 Assorted Links
Assorted Links links
Published: 2024-06-14
Friday 2024-06-14 Assorted Links

Assorted links for Friday, June 14:

  1. Updated Intel Meteor Lake Tuning For Linux Shows Huge Performance/Power Improvements. It is a minor tweak to the default Energy Performance Preference (EPP) value within the Intel P-State CPU frequency scaling driver.

    It’s like magic with one line of code changed in the Linux kernel that Intel is reporting up to 19% performance improvement for Intel Core Ultra “Meteor Lake” and up to an 11% improvement in performance per Watt. Or in another EPP mode, the power consumption during video playback can be reduced by 52%!

  2. These light paintings let us visualize invisible clouds of air pollution

    Light painting is a technique used in both art and science that involves taking long-exposure photographs while moving some kind of light source—a small flashlight, perhaps, or candles or glowsticks—to essentially trace an image with light. A UK collaboration of scientists and artists has combined light painting with low-cost air pollution sensors to visualize concentrations of particulate matter (PM) in select locations in India, Ethiopia, and Wales. The objective is to creatively highlight the health risks posed by air pollution, according to a new paper published in the journal Nature Communications.

  3. GPT-4 beats psychologists on a new test of social intelligence

    There were significant differences in SI between psychologists and AI’s ChatGPT-4 and Bing. ChatGPT-4 exceeded 100% of all the psychologists, and Bing outperformed 50% of PhD holders and 90% of bachelor’s holders. The differences in SI between Google Bard and bachelor students were not significant, whereas the differences with PhDs were significant; Where 90% of PhD holders excel on Google Bird.

  4. Wasm vs. Docker: Performant, Secure, and Versatile Containers
  5. Battery Arbitrage

    NYTimes: Since 2020, California has installed more giant batteries than anywhere in the world apart from China. They can soak up excess solar power during the day and store it for use when it gets dark.

    Those batteries play a pivotal role in California’s electric grid, partially replacing fossil fuels in the evening. Between 7 p.m. and 10 p.m. on April 30, for example, batteries supplied more than one-fifth of California’s electricity and, for a few minutes, pumped out 7,046 megawatts of electricity, akin to the output from seven large nuclear reactors.

Thursday 2024-06-13 Assorted Links
Assorted Links links
Published: 2024-06-13
Thursday 2024-06-13 Assorted Links

Assorted links for Thursday, June 13:

  1. Microsoft Rolling Out New Windows Subsystem For Linux “WSL” Features For 2024

    Windows Subsystem for Linux is now automatically releasing stored memory in WSL back for use by Windows. This automatic memory reclaim support is a great addition and makes Windows behave better especially for systems with limited amounts of RAM. Without this support in memory hungry situations like with Docker it was possible for WSL2 to exhaust all of the system’s physical memory.

    Windows Subsystem for Linux has also enabled DNS tunneling by default for improved network support.

    Meanwhile in experimental form is support for automatic disk reclaim and a new mirrored networking mode that provides for features like IPv6 support.

  2. New York Stock Exchange says bizarre glitch that showed Berkshire Hathaway down 99.97% has been resolved. Reversibility is an important feature of financial systems which naive blockchain systems deliberately forego.

    For nearly two hours, Berkshire Hathaway’s Class A shares were listed as trading at just $185.10 — a price that would represent a loss of 99.97%. Berkshire closed at $627,400 on Friday.

    NYSE announced it has decided to “bust,” or cancel, all “erroneous” trades for Berkshire between 9:50 am ET and 9:51 am ET at or below $603,718.30. The exchange said that ruling is not eligible for appeal and indicated it could cancel other trades.

  3. Microsoft Releases Azure Linux 3.0 Preview

    Azure Linux 3.0 shifts from the aging Linux 5.15 kernel to the newer Linux 6.6 LTS kernel as well as significant updates to OpenSSL, systemd, Runc, and other components. Azure Linux 3.0 is also now defaulting to SELinux’s enforcing mode by default.

  4. Announcing the official OpenAI library for .NET

    Today, the OpenAI team released their first beta, version 2.0.0-beta.1, of the official OpenAI library for .NET. Features include:

    • Support for the entire OpenAI API, including Assistants v2 and Chat Completions
    • Support for GPT-4o, OpenAI’s latest flagship model
    • Extensibility to enable the community to build libraries on top
    • Sync and async APIs for ease of use and efficiency
    • Access to streaming completions via IAsyncEnumerable<T>
  5. We’ve just had a year in which every month was a record-setter

    Yesterday, the European Union’s Copernicus Earth-monitoring service announced that we’ve now gone a full year where every single month has been the warmest version of that month since we’ve had enough instruments in place to track global temperatures.

Wednesday 2024-06-12 Assorted Links
Assorted Links links
Published: 2024-06-12
Wednesday 2024-06-12 Assorted Links

Assorted links for Wednesday, June 12:

  1. Fracking wastewater has “shocking” amount of clean-energy mineral lithium

    A study from researchers at the National Energy Technology Laboratory shows the wastewater produced by Pennsylvania’s unconventional wells could contain enough lithium to meet 38 to 40 percent of current domestic consumption.

  2. Catch Up on Microsoft Build 2024: Essential Sessions for .NET Developers
  3. Highlights from Microsoft Build: Docker’s Innovations with AI and Windows on Arm
  4. Google Cloud explains how it accidentally deleted a customer account. The Google blog post is entitled Sharing details on a recent incident impacting one of our customers which is a ridiculous understatement.

    During the initial deployment of a Google Cloud VMware Engine (GCVE) Private Cloud for the customer using an internal tool, there was an inadvertent misconfiguration of the GCVE service by Google operators due to leaving a parameter blank. This had the unintended and then unknown consequence of defaulting the customer’s GCVE Private Cloud to a fixed term, with automatic deletion at the end of that period. The incident trigger and the downstream system behavior have both been corrected to ensure that this cannot happen again.

  5. AI passes the restaurant review Turing test. We are rapidly entering an era where we won’t be able to believe anything – articles, photos, videos, voice recordings – is genuine and original. Are you prepared?

    In a series of experiments for a new study, Kovács found that a panel of human testers was unable to distinguish between reviews written by humans and those written by GPT-4, the LLM powering the latest iteration of ChatGPT. In fact, they were more confident about the authenticity of AI-written reviews than they were about human-written reviews.

Tuesday 2024-06-11 Assorted Links
Assorted Links links
Published: 2024-06-11
Tuesday 2024-06-11 Assorted Links

Assorted links for Tuesday, June 11:

  1. Experimental Windows Containers Support for BuildKit Released in v0.13.0

    BuildKit is a toolkit for converting source code to build artifacts (like container images) in an efficient, expressive, and repeatable manner.

  2. OpenAI training its next major AI model, forms new safety committee

    On Monday, OpenAI announced the formation of a new “Safety and Security Committee” to oversee risk management for its projects and operations. The announcement comes as the company says it has “recently begun” training its next frontier model, which it expects to bring the company closer to its goal of achieving artificial general intelligence (AGI), though some critics say AGI is farther off than we might think. It also comes as a reaction to two weeks of public setbacks for the company.

  3. Canonical Developing “Flamenco” For Enhancing .NET Developer Experience On Ubuntu

    “Flamenco is a CLI tool that helps toolchain developers manage many different package versions and releases from a single debian folder source tree.”

  4. GitHub and JFrog partner to unify code and binaries for DevSecOps

    Together, we’ve built an integration that includes intuitive navigation and traceability between source code and binaries, CI/CD with GitHub Actions and JFrog Artifactory, and a unified view of security findings across the software supply chain. By providing full control and visibility across the entire software supply chain, we are accelerating our joint vision of making developers’ lives easier and happier.

  5. Amazon Cloud Traffic Is Suffocating Fedora’s Mirrors

    A massive uptick in traffic to Fedora’s package mirrors is causing problems for the Linux distribution. Some five million additional systems have started putting additional strain on Fedora’s mirror resources since March and appear to be coming from Amazon’s cloud.

Monday 2024-06-10 Assorted Links
Assorted Links links
Published: 2024-06-10
Monday 2024-06-10 Assorted Links

Assorted links for Monday, June 10:

  1. Federal agency warns critical Linux vulnerability being actively exploited

    The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. It’s the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation.

    The vulnerability, which affects Linux kernel versions 5.14 through 6.6, resides in the NF_tables, a kernel component enabling the Netfilter, which in turn facilitates a variety of network operations, including packet filtering, network address [and port] translation (NA[P]T), packet logging, userspace packet queueing, and other packet mangling. It was patched in January, but as the CISA advisory indicates, some production systems have yet to install it. At the time this Ars post went live, there were no known details about the active exploitation.

  2. Google’s AI Overview is flawed by design, and a new company blog post hints at why

    Here we see the fundamental flaw of the system: “AI Overviews are built to only show information that is backed up by top web results.” The design is based on the false assumption that Google’s page-ranking algorithm favors accurate results and not SEO-gamed garbage. Google Search has been broken for some time, and now the company is relying on those gamed and spam-filled results to feed its new AI model.

  3. Online Privacy and Overfishing

    Internet surveillance, and the resultant loss of privacy, is following the same trajectory. Just as certain fish populations in the world’s oceans have fallen 80 percent, from previously having fallen 80 percent, from previously having fallen 80 percent (ad infinitum), our expectations of privacy have similarly fallen precipitously. The pervasive nature of modern technology makes surveillance easier than ever before, while each successive generation of the public is accustomed to the privacy status quo of their youth. What seems normal to us in the security community is whatever was commonplace at the beginning of our careers.

  4. The Danish Mortgage System Avoids Lock-In

    Recall that in the Danish system each mortgage is backed by a matching bond. As a consequence, mortgage holders have two ways to pay a mortgage: 1) hold the mortgage and pay the monthly payments or 2) buy the matching bond and, in effect, extinguish the mortgage. The latter option is valuable because when interest rates rise, the price of mortgages fall.

    …Danish sellers are able to earn a profit when they trade in their low mortgage rates for more-expensive ones, making it easier to move even when rates rise.

  5. Vaccines don’t cause autism, but the lie won’t die. In fact, it’s getting worse.

    In all, it’s a bleak finding that bodes poorly for the collective health of Americans, who are now seeing rises in cases of measles and other vaccine-preventable illnesses. Additional surveys by the APPC in 2021, 2022, and 2023 identified a slight increase in the number of survey takers who specifically believe, falsely, that the MMR (measles, mumps, and rubella) vaccine causes autism. In 2021, 9 percent of respondents falsely indicated that MMR vaccine causes autism, responding that the statement was “definitely true” (2 percent) or “probably true” (7 percent). In 2023, 12 percent of respondents fell into those categories, 2 percent for “definitely true” and 10 percent for “probably true.”

    Since the start of 2024, the US has seen a steady march of measles infections nationwide. As of May 31, the CDC has recorded 146 cases across 21 states. Of those cases, 64 were part of a large outbreak in Chicago, which was declared over on May 30.

Wednesday 2024-05-22 Assorted Links
Assorted Links links
Published: 2024-05-22
Wednesday 2024-05-22 Assorted Links

Assorted links for Wednesday, May 22:

  1. Investment Returns Are NOT Random
  2. Why Running Slower Isn’t Always the Answer
  3. How to Set Up a Home Security Camera System Without Using the Cloud
  4. The Best Custom GPTs to Make ChatGPT Even More Useful
  5. How AI enhances static application security testing (SAST)
  6. Why do only a small percentage of GenAI projects actually make it into production?
  7. Data Fetching Patterns in Single-Page Applications
  8. What’s new with io-uring in 6.10
Tuesday 2024-05-21 Assorted Links
Assorted Links links
Published: 2024-05-21
Tuesday 2024-05-21 Assorted Links

Assorted links for Tuesday, May 21:

  1. Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
  2. Building your C++ Code with CMake in VS Code
  3. Pure Virtual C++ 2024 Recordings Now Available
  4. Microsoft launches AI chatbot for spies
  5. Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion
  6. Major ChatGPT-4o update allows audio-video talks with an “emotional” AI chatbot
  7. Before launching, GPT-4o broke records on chatbot leaderboard under a secret name
  8. AI in Gmail will sift through emails, provide search summaries, send emails
  9. MIT students stole $25M in seconds by exploiting ETH blockchain bug, DOJ says
  10. The Rise of Large-Language-Model Optimization
Monday 2024-05-20 Assorted Links
Assorted Links links
Published: 2024-05-20
Monday 2024-05-20 Assorted Links

Assorted links for Monday, May 20:

  1. Microsoft plans to lock down Windows DNS like never before. Here’s how.: The framework is called Zero Trust DNS (ZTDNS)
  2. An informal comparison of the three major implementations of std::string
  3. “Unprecedented” Google Cloud event wipes out customer account and its backups
  4. Slack Is Using Your Private Conversations to Train Its AI
  5. Cloudflare Praises Golang PGO For Significant CPU Savings
  6. Torvalds Voices Thoughts On Linux Mitigating Unexpected Arithmetic Overflows/Underflows
  7. IO-uring Bringing Better Send Zero-Copy Performance With Linux 6.10
  8. Microsoft Engineer Ports EXT2 File-System Driver To Rust
  9. Secure Randomness in Go 1.22
  10. FUSE passthrough for file I/O
Friday 2024-05-10 Assorted Links
Assorted Links links
Published: 2024-05-10
Friday 2024-05-10 Assorted Links

Assorted links for Friday, May 10:

  1. How an empty S3 bucket can make your AWS bill explode
  2. MemoryDB: Speed, Durability, and Composition.
  3. Best practices for monitoring ML models in production
  4. New Microsoft AI model may challenge GPT-4 and Google Gemini
  5. Novel attack against virtually all VPN apps neuters their entire purpose
  6. Hackers discover how to reprogram NES Tetris from within the game
  7. Storage Churn: Some thoughts on alternative cloud storage services
  8. Was There A Trojan Horse Hidden In Section 230 All Along That Could Enable Adversarial Interoperability?
  9. Why choose sum types over exceptions?
  10. Fixing retries with token buckets and circuit breakers
Thursday 2024-05-09 Assorted Links
Assorted Links links
Published: 2024-05-09
Thursday 2024-05-09 Assorted Links

Assorted links for Thursday, May 9:

  1. Dependabot on GitHub Actions and self-hosted runners is now generally available
  2. Speeding up C++ build times
  3. Why OpenAI Replaced ChatGPT Plugins With GPTs
  4. Making an Application More Robust With Data Mapping
  5. The business of wallets

    Regulators strongly prefer that deposits stay within the regulated banking sector. The single largest reason is that they’re worried that households’ immediately accessible stored funds stay safe and accessible. A major follow-up reason, less understood by non-specialists, is that regulated banks are bound to a long list of consumer protection items on the transaction level, not the institution level. A lot of the abuse in the economy happens in $50 and $5,000 increments, rather than multi-billion dollar increments. Regulators sleep happier knowing that this abuse happens at companies with teams of operators standing. Those operators will groan and chalk a disputed transaction, instance of fraud, or glitch in the matrix up to the operational losses budget rather than sticking a user with it.

  6. How we built Text-to-SQL at Pinterest
  7. Minimizing on-call burnout through alerts observability
  8. What Is Amazon Resource Name (ARN)?
  9. OpenTelemetry Best Practices #1: Naming
  10. OpenTelemetry Best Practices #2 Agents, Sidecars, Collectors, Coded Instrumentation
Wednesday 2024-05-08 Assorted Links
Assorted Links links
Published: 2024-05-08
Wednesday 2024-05-08 Assorted Links

Assorted links for Wednesday, May 8:

  1. Development Containers Simplified
  2. Highlights from Git 2.45
  3. systemd Rolling Out run0 As sudo Alternative: From what I can tell from the summary, run0 should be more secure than sudo
    • Detailed commentary from Lennart Poterring is here
  4. What we need to take away from the XZ Backdoor
  5. Get started with the latest updates for Dockerfile syntax (v1.7.0)
  6. MSVC Address Sanitizer adoption in .NET’s CoreCLR: I want to use significantly more static and dynamic analysis in my occasional C++ use
  7. Visual Studio features for C++ Header Files and Modules
  8. How to audit data modifications with surgical precision
  9. Storing energy with compressed air is about to have its moment of truth
  10. Introducing Artifact Attestations–now in public beta
Tuesday 2024-05-07 Assorted Links
Assorted Links links
Published: 2024-05-07
Tuesday 2024-05-07 Assorted Links

Assorted links for Tuesday, May 7:

  1. Streamline your container build and publish with .NET 8
  2. Building a scalable gateway with .NET for Microsoft AI
  3. Profiling Docker Compose services through Visual Studio
  4. Refactor your C# code with primary constructors
  5. What’s new for .NET in Ubuntu 24.04
  6. Secure your container build and publish with .NET 8
  7. Silent, brokered authentication on Windows with the Azure Identity libraries
  8. Vendor-Locked DevOps Strategies: Personally I think vendor lock-in is mostly overblown.
  9. 4 ways GitHub engineers use GitHub Copilot
  10. The Performance Impact of C++’s final Keyword: tl;dr, final isn’t always faster, and modern CPU performance defies intuition so always test & measure.
Monday 2024-05-06 Assorted Links
Assorted Links links
Published: 2024-05-06
Monday 2024-05-06 Assorted Links

Assorted links for Monday, May 6:

  1. It’s About Time!: Some discussions about the use of time in system designs.
  2. BPFAgent: eBPF for Monitoring at DoorDash
  3. Best practices to prevent alert fatigue
  4. Streamlining and Implementing Incident Management at Dyninno
  5. What is Platform Engineering? by Gartner
  6. Inside the gamedays: how we tested Signals for reliability
  7. The Making of VES: the Cosmos Microservice for Netflix Video Encoding
  8. Researchers make a plastic that includes bacteria that can digest it
  9. Review of the Summer 2023 Microsoft Exchange Online Intrusion by the Cyber Safety Review Board
  10. How G.M. Tricked Millions of Drivers Into Being Spied On (Including Me)
Friday 2024-04-26 Assorted Links
Assorted Links links
Published: 2024-04-26
Friday 2024-04-26 Assorted Links

Assorted links for Friday, April 26:

  1. Apache DataSketches: A software library of stochastic streaming algorithms
  2. Sysdig 2022 Cloud-Native Security and Usage Report: Stay on Top of Risks as You Scale
  3. validkube: Validkube combines the best open-source tools to help ensure Kubernetes YAML best practices, hygiene & security
  4. Best Practices for Running Stateful Applications on Kubernetes
  5. The Twelve-Factor App
  6. Multi-Runtime Microservices Architecture
  7. What Comes after Microservices? Multi-Runtime Microservices with Bilgin Ibryam at QCon London
  8. Microservices guru warns devs that trendy architecture shouldn’t be the default for every app, but ‘a last resort’
  9. Istio as an Example of When Not to Do Microservices
  10. Zhamak Dehghani on Data Mesh, Domain-Oriented Data, and Building Data Platforms
Thursday 2024-04-25 Assorted Links
Assorted Links links
Published: 2024-04-25
Thursday 2024-04-25 Assorted Links

Assorted links for Thursday, April 25:

  1. Onboarding SLOs for Salesforce services
  2. Curiefense: An application security platform
  3. It’s always DNS… except when it’s not: A deep dive through gRPC, Kubernetes, and AWS networking
  4. Set up a Terraform Pipeline with GitHub Actions and GitHub OIDC for AWS
  5. Improving software supply chain security with tamper-proof builds
  6. How Netflix Content Engineering makes a federated graph searchable
  7. The complete guide to protecting your APIs with OAuth2 (part 1)
  8. How to Use Docker to Containerize Java Web Applications: Tutorial for Beginners
  9. Detecting silent errors in the wild: Combining two novel approaches to quickly detect silent data corruptions at scale
  10. Awesome C: A curated list of C good stuff
Wednesday 2024-04-24 Assorted Links
Assorted Links links
Published: 2024-04-24
Wednesday 2024-04-24 Assorted Links

Assorted links for Wednesday, April 24:

  1. Pharos: The Observability Platform at Workday
  2. How We Halved Go Monorepo CI Build Time
  3. DevOps and Cloud InfoQ Trends Report – June 2022
  4. SLSA: Securing the Software Supply Chain
  5. AWS Security Maturity Model
  6. Uncurled – everything I know and learned about running and maintaining Open Source projects for three decades.
  7. .bazelrc flags you should enable
  8. OpenFeature: Standardizing Feature Flagging for Everyone
  9. Building a Platform for Serving Recommendations at Etsy
  10. Observability 4 JVM Frameworks with Grafana in Java and Kotlin
Tuesday 2024-04-23 Assorted Links
Assorted Links links
Published: 2024-04-23
Tuesday 2024-04-23 Assorted Links

Assorted links for Tuesday, April 23:

  1. Cost Optimisation In The Cloud – Practical Design Steps For Architects and Developers – Part 1
  2. Cost Optimisation In The Cloud – Practical Design Steps For Architects and Developers – Part 2
  3. Optimizing TCP for high WAN throughput while preserving low latency
  4. Slowing Down to Speed Up – Circuit Breakers for Slack’s CI/CD
  5. Delivery Lead Time In Practice
  6. HashiCorp 2023 State of Cloud Strategy Survey: Cloud maturity drives operational efficiency
  7. Application architecture: A quick guide for startups
  8. Locking Engineering Hierarchy
  9. Locking Engineering Principles
  10. A Look at AzOps for Azure Infrastructure Management
Monday 2024-04-22 Assorted Links
Assorted Links links
Published: 2024-04-22
Monday 2024-04-22 Assorted Links

Assorted links for Monday, April 22:

  1. Improving Meta’s SLO workflows with data annotations
  2. Patterns of Distributed Systems: Request Batch
  3. Patterns of Distributed Systems: Fixed Partitions
  4. Patterns of Distributed Systems: Emergent Leader
  5. Patterns of Distributed Systems: Clock-Bound Wait
  6. Faster ML Experimentation at Etsy with Interleaving
  7. Towards Machine Learning Observability at Etsy
  8. Announcing built-in container support for the .NET SDK
  9. A primer on Roaring bitmaps: what they are and how they work
  10. A Developer’s Guide to Terraform
Friday 2024-04-19 Assorted Links
Assorted Links links
Published: 2024-04-19
Friday 2024-04-19 Assorted Links

Assorted links for Friday, April 19:

  1. APIs as infrastructure: future-proofing Stripe with versioning
  2. Versioning releases from a monorepo
  3. Securing the Supply Chain of Nothing
  4. Does the GitOps Emperor Have No Clothes?
  5. Ninja Van’s monitoring stack
  6. Continuous Load Testing: Building a culture of performance with Koi Pond
  7. Open Source Software (OSS) Secure Supply Chain (SSC) Framework Simplified Requirements
  8. Git’s database internals I: packed object store
  9. Scaling Git’s garbage collection
  10. Viewing the world as a computer: Global capacity management
Thursday 2024-04-18 Assorted Links
Assorted Links links
Published: 2024-04-18
Thursday 2024-04-18 Assorted Links

Assorted links for Thursday, April 18:

  1. How to Roll Your Kafka Cluster With Zero Downtime and No Data Loss
  2. Risk Assessments for AWS Access are Not Just for Large Companies
  3. How DoorDash Governs Its Infrastructure with Open Policy Agent
  4. State of AWS Security: A Look Into Real-World AWS Environments
  5. The Future of Ops Is Platform Engineering
  6. Announcing the 2022 Accelerate State of DevOps Report: A deep dive into security
  7. What’s Inside Of a Distroless Container Image: Taking a Deeper Look
  8. The Art of Logging: Creating a human- and machine-friendly logging format
  9. How to select technology for Data Mesh
  10. Enabling static analysis of SQL queries at Meta
Wednesday 2024-04-17 Assorted Links
Assorted Links links
Published: 2024-04-17
Wednesday 2024-04-17 Assorted Links

Assorted links for Wednesday, April 17:

  1. Introducing Wolfi: The first Linux (un)distro designed for securing the software supply chain
  2. The Top 5 kubectl Plugins by GitHub Stars
  3. Why and How eBay Pivoted to OpenTelemetry
  4. Boosting Kubernetes container runtime observability with OpenTelemetry
  5. Common mistakes in DevOps metrics
  6. Container Tools, Tips, and Tricks - Issue #2
  7. Introducing Finch: An Open Source Client for Container Development
  8. Seeing through hardware counters: a journey to threefold performance increase
  9. The Evolution of DevOps
  10. The Importance of Just-in-Time Access for Least Privilege in the Cloud
Tuesday 2024-04-16 Assorted Links
Assorted Links links
Published: 2024-04-16
Tuesday 2024-04-16 Assorted Links

Assorted links for Tuesday, April 16:

  1. Shared Responsibility Model
  2. Estimating the effort to build a Bazel CI/CD
  3. The Secret Sauce of Tik-Tok’s Recommendations
  4. Tulip: Modernizing Meta’s data platform
  5. How the GitHub Docs team uses GitHub Projects
  6. io_uring and networking in 2023
  7. The technology behind GitHub’s new code search
  8. Fast and Furious: Doubling Down on SBOM Drift
  9. How DoorDash Upgraded a Heuristic with ML to Save Thousands of Canceled Orders
  10. How to Increase Deployment Observability and Simplify Deployment Pipelines
Monday 2024-04-15 Assorted Links
Assorted Links links
Published: 2024-04-15
Monday 2024-04-15 Assorted Links

Assorted links for Monday, April 15:

  1. cURL audit: How a joke led to significant findings
  2. Incident travel time: The real investment is how fast you get there
  3. Introducing Hermes, An Open Source Document Management System
  4. Unreadable Metrics: Why You Can’t Find Anything in Your Monitoring Dashboards: A Guide to Effective Dashboard Design for DevOps and SRE
  5. A Complete Guide to Google’s Core Web Vitals and How to Optimize Them
  6. What Are Structured Logs and How Do They Improve Performance?
  7. The life of a DNS query in Kubernetes
  8. Building a Staging Environment for Data Teams
  9. Getting Started With Java Development in 2023 — An Opinionated Guide
  10. Fairness in multi-tenant systems
Friday 2024-04-12 Assorted Links
Assorted Links links
Published: 2024-04-12
Friday 2024-04-12 Assorted Links

Assorted links for Friday, April 12:

  1. Software Supply Chain Attestation the Easy Way
  2. How Many Is Too Much? Exploring Costs of Coordination During Outages
  3. How We Keep Our Government Apps Running With High Reliability: A Peek at Our Incident Management Strategy
  4. Infrastructure as Code is Not the Answer!
  5. 20 Terraform Best Practices to Improve your TF workflow
  6. SBoMs with Dracon, cheaper, faster, more accurate, better
  7. The State of Secrets Sprawl 2023
  8. The COGS Problem
  9. Presets for bazelrc
  10. The Biggest Cloud Native Strategy Mistake
Thursday 2024-04-11 Assorted Links
Assorted Links links
Published: 2024-04-11
Thursday 2024-04-11 Assorted Links

Assorted links for Thursday, April 11:

  1. GNU Stow 2.4.0 released – I use stow whenever I’m installing custom-compiled software.
  2. Security Vulnerability of HTML Emails

    The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions. All that email was supposed to achieve was being forwarded to you. However, the moment the email appeared in your inbox, it changed. The innocent pretext disappeared and the real phishing email became visible. A phishing email you had to trust because you knew the sender and they even confirmed that they had forwarded it to you.

  3. Improved Alerting with Atlas Streaming Eval
  4. Why choose sum types over exceptions?
  5. Refresh vs. Long-lived Access Tokens
  6. Why you should use io_uring for network I/O
  7. Clocks and Causality - Ordering Events in Distributed Systems
  8. Twitter’s Recommendation Algorithm
  9. Introducing self-service SBOMs
  10. Practical tips for rightsizing your Kubernetes workloads
Wednesday 2024-04-10 Assorted Links
Assorted Links links
Published: 2024-04-10
Wednesday 2024-04-10 Assorted Links

Assorted links for Wednesday, April 10:

  1. Windows debugger trick: Breaking when a specific debugger message is printed
  2. Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private vulnerability reporting
  3. Developers with AI assistants need to follow the pair programming model
  4. How Copilot is being used by the Time Travel Debugging team for repetitive C++ coding
  5. Anatomy of a credit card rewards program
  6. How do mixture-of-experts layers affect transformer models?
  7. What is retrieval-augmented generation, and what does it do for generative AI?
  8. Timeline of the xz open source attack
  9. Bullying in Open Source Software Is a Massive Security Vulnerability
  10. Reverse Searching Netflix’s Federated Graph
Tuesday 2024-04-09 Assorted Links
Assorted Links links
Published: 2024-04-09
Tuesday 2024-04-09 Assorted Links

Assorted links for Tuesday, April 9:

  1. OpenBSD system-call pinning
  2. The Rise and Fall of Silicon Graphics
  3. Fine-grained RBAC for GitHub Action workflows With GitHub OIDC and HashiCorp Vault
  4. Using the Platform Engineering Maturity Model to Understand the Commitment Required for an Internal Developer Platform
  5. Best practices for monitoring software testing in CI/CD
  6. File Monitoring with eBPF and Tetragon (Part 1)
  7. Documentation as code: Principles, workflow, and challenges
  8. The lifecycle of a code AI completion
  9. What we know about the xz Utils backdoor that almost infected the world
  10. Bringing enterprise-level security and even more power to GitHub-hosted runners
Monday 2024-04-08 Assorted Links
Assorted Links links
Published: 2024-04-08
Monday 2024-04-08 Assorted Links

Assorted links for Monday, April 8:

  1. GNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands: The speed increase is by increasing the default block size from 128KiB to 256KiB. Anyone still working in 4KiB or 64KiB blocks? Time to increase!
  2. Biden orders every US agency to appoint a chief AI officer

    As chief AI officers, appointees will serve as senior advisers on AI initiatives, monitoring and inventorying all agency uses of AI. They must conduct risk assessments to consider whether any AI uses are impacting “safety, security, civil rights, civil liberties, privacy, democratic values, human rights, equal opportunities, worker well-being, access to critical resources and services, agency trust and credibility, and market competition,” OMB said.

  3. Oregon Just Passed a Monumental ‘Right to Repair’ Law

    [W]hat sets this Oregon law apart from the other three states is that is bans “parts pairing,” a term that describes when companies prevent unauthorized parts from functioning in their devices.

  4. Bing on .NET 8: The Impact of Dynamic PGO: .NET continues to deliver significant performance improvements release after release, with near-perfect backwards compatibility.
  5. Google says running AI models on phones is a huge RAM hog: Is it possible that the largest barrier to Artificial General Intelligence (AGI) will be the amount of computing resources (RAM, GPU, electricity, etc.) necessary to run it?
  6. Why the Department of Justice Cares About Green Bubbles on iPhones
  7. Garbage Collection for Systems Programmers
  8. Making AI powered .NET apps more consistent and intelligent with Redis
  9. Improvements to static analysis in the GCC 14 compiler
  10. Running local tools installed by Bazel
Friday 2024-04-05 Assorted Links
Assorted Links links
Published: 2024-04-05
Friday 2024-04-05 Assorted Links

Assorted links for Friday, April 5:

  1. Scaling up the Prime Video audio/video monitoring service and reducing costs by 90% – a case study of moving from distributed microservices back to a monolith application
  2. Shaping live sports publishing traffic through a distributed scheduling system
  3. Debugging a FUSE deadlock in the Linux kernel
  4. Enum Class Bitmasks
  5. Bazel in CI (Part 1): Commit Under Test
  6. Bazel in CI (Part 2): Worker Setup
  7. Bazel Caching Explained (pt. 3): Repository Cache
  8. Fast builds, secure builds. Choose two. – How Stripe uses Bazel for build and test pipelines.
  9. Bazel roadmap
  10. Introducing rules_oci – A replacement for rules_docker which builds container images.
Thursday 2024-04-04 Assorted Links
Assorted Links links
Published: 2024-04-04
Thursday 2024-04-04 Assorted Links

Assorted links for Thursday, April 4:

  1. Why SQLite is so great for the edge
  2. OpenTelemetry: The Star of KubeCon 2023
  3. Awesome Load Management
  4. Warden: Real Time Anomaly Detection at Pinterest
  5. Packaging Open Policy Agent policies with Nix
  6. OpenSearch vs Solr: Which One Is Better to Use?
  7. 7 Core Elements of an Internal Developer Platform
  8. Native Frame Rate Playback – Netflix Technology Blog
  9. Applying GitOps principles to your operations
  10. Highlights from Git 2.41
Wednesday 2024-04-03 Assorted Links
Assorted Links links
Published: 2024-04-03
Wednesday 2024-04-03 Assorted Links

Assorted links for Wednesday, April 3:

  1. Imaginary Problems Are the Root of Bad Software
  2. DevOps uses a capability model, not a maturity model
  3. Read Every Single Error
  4. Ditch the Template: Incident Write-ups They Want to Read
  5. Load Balancing
  6. 10+ Best Tools & Systems for Monitoring Ubuntu Server Performance (2023 Comparison)
  7. How We Improved Our Monitoring Stack With Only a Few Small Changes
  8. What Every Developer Should Know About AWS Vault
  9. Move over, Dockerfiles! The new way to craft containers
  10. Software Bill of Materials (SBOM)
Tuesday 2024-04-02 Assorted Links
Assorted Links links
Published: 2024-04-02
Tuesday 2024-04-02 Assorted Links

Assorted links for Tuesday, April 2:

  1. How we host Ars Technica in the cloud, part two: The software
  2. Hosting Ars, part three: CI/CD, or how I learned to stop worrying and love DevOps
  3. Scaling the Instagram Explore recommendations system
  4. How Meta is improving password security and preserving privacy
  5. Fixit 2: Meta’s next-generation auto-fixing linter
  6. Four tips to keep your GitHub Actions workflows secure
  7. How we build containerized services at GitHub using GitHub
  8. Scaling merge-ort across GitHub
  9. Metrics for issues, pull requests, and discussions
  10. A developer’s guide to prompt engineering and LLMs
Monday 2024-04-01 Assorted Links
Assorted Links links
Published: 2024-04-01
Monday 2024-04-01 Assorted Links

Assorted links for Monday, April 1:

  1. Thousands of servers hacked in ongoing attack targeting Ray AI framework: Researchers say it’s the first known in-the-wild attack targeting AI workloads.
  2. An Alerting strategy for the cloud
  3. Parsing Protobuf at 2+GB/s: How I Learned To Love Tail Calls in C
  4. Advances in document understanding
  5. From U2F to passkeys
  6. Protecting Secrets with Docker
  7. Improve Docker Compose Modularity with include
  8. Container Security and Why It Matters
  9. vcpkg integration with the GitHub dependency graph
  10. Introducing Immortal Objects for Python
Friday 2024-03-29 Assorted Links
Assorted Links links
Published: 2024-03-29
Friday 2024-03-29 Assorted Links

Assorted links for Friday, March 29:

  1. Use ‘Jan’ to Chat With AI Without the Privacy Concerns
  2. Uncovering the Seams in Mainframes for Incremental Modernisation: A Case Study of Legacy Displacement
  3. Bringing HDR photo support to Instagram and Threads
  4. Is Your Container Image Really Distroless?
  5. containerd vs. Docker: Understanding Their Relationship and How They Work Together
  6. Some choices for encrypting data so that it can be decrypted only by the same user or computer
  7. How to Start a ‘Backdoor’ Roth IRA (and When You Should)
  8. Microsoft opens a crack in console gaming’s decades-old walled garden
  9. Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud
  10. Quantum computing progress: Higher temps, better error correction
Thursday 2024-03-28 Assorted Links
Assorted Links links
Published: 2024-03-28
Thursday 2024-03-28 Assorted Links

Assorted links for Thursday, March 28:

  1. The RedMonk Programming Language Rankings: January 2024
  2. How Figma’s databases team lived to tell the scale
  3. Global products, global monitoring: Terraform Strategies for Seamless Grafana Dashboards Across Regions – this feels like using Terraform as the core of a GitOps strategy, which doesn’t sound like too bad of an idea to me
  4. Licensing AI Engineers
  5. TDD: You’re Probably Doing It Just Fine
  6. Governments Setting Limits on AI: Many countries and regions are considering, or trying to implement, regulations on the training and use of artificial intelligence
  7. Combining Machine Learning and Lifetime-Based Resource Management for Memory Allocation and Beyond
  8. How to use GitHub Copilot in your IDE: Tips, tricks, and best practices
  9. Unpatchable vulnerability in Apple chip leaks secret encryption keys
  10. Use the ‘Hawthorne Effect’ to Increase Your Productivity
Wednesday 2024-03-27 Assorted Links
Assorted Links links
Published: 2024-03-27
Wednesday 2024-03-27 Assorted Links

Assorted links for Wednesday, March 27:

  1. SDL Storage API Merged For SDL 3.0
  2. The Return of the Frame Pointers
  3. Sequential A/B Testing Keeps the World Streaming Netflix Part 2: Counting Processes
  4. Logarithm: A logging engine for AI training workflows and services
  5. AI and the Evolution of Social Media
  6. GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers
  7. Found means fixed: Introducing code scanning autofix, powered by GitHub Copilot and CodeQL
  8. UN General Assembly adopts landmark resolution on artificial intelligence – sadly, this is a nonbinding agreement and thus effectively toothless
  9. Linux Crisis Tools – install these Linux tools on your production servers before a crisis hits
  10. The Danger of Unreliable Platforms (with Jade Rubick)
Tuesday 2024-03-26 Assorted Links
Assorted Links links
Published: 2024-03-26
Tuesday 2024-03-26 Assorted Links

Assorted links for Tuesday, March 26:

  1. Building Meta’s GenAI Infrastructure
  2. Inside the gamedays: how we tested Signals for reliability
  3. Octoverse: The state of open source and rise of AI in 2023
  4. Get started with .NET 8 and AI using new quickstart tutorials
  5. Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies
  6. Generate Local .NET Secrets from Azure Deployments
  7. Preventing production code depending on experiments – Bazel specific
  8. SMB for Linux with SMB3 POSIX extensions (FOSDEM 2024)
  9. FUSE Passthrough Mode Merged For Linux 6.9
  10. CODEOWNERS and Bazel
Monday 2024-03-25 Assorted Links
Assorted Links links
Published: 2024-03-25
Monday 2024-03-25 Assorted Links

Assorted links for Monday, March 25:

  1. Miles Davis and the Recording of a Jazz Masterpiece
  2. Publishing Bazel rules that depend on tools: take 2
  3. Revolutionize Your CI/CD Pipeline: Integrating Testcontainers and Bazel
  4. How the Great Green Wall is Holding Back the Sahara Desert
  5. BuildKit in depth: Docker’s build engine explained
  6. Scaled Agile DevOps Maturity Framework
  7. eBPF Documentary
  8. eBPF Observability Tools Are Not Security Tools
  9. LLVM’s ‘RFC: C++ Buffer Hardening’ at Google
  10. C++ safety, in context
Friday 2024-03-22 Assorted Links
Assorted Links links
Published: 2024-03-22
Friday 2024-03-22 Assorted Links

Assorted links for Friday, March 22:

  1. ComPromptMized: Unleashing Zero-click Worms that Target GenAI-Powered Applications
  2. Evolving from Rule-based Classifier: Machine Learning Powered Auto Remediation in Netflix Data Platform
  3. Chrono Trigger Director Asks What Fans Would Want In A Remake
  4. Keeping repository maintainer information accurate
  5. European crash tester says carmakers must bring back physical controls. When shopping for cars, I insist on physical controls.
Thursday 2024-03-21 Assorted Links
Assorted Links links
Published: 2024-03-21
Thursday 2024-03-21 Assorted Links

Assorted links for Thursday, March 21:

  1. Fetching ML models under Bazel
  2. Hugging Face, the GitHub of AI, hosted code that backdoored user devices
  3. Researchers create AI worms that can spread from one system to another
  4. You Should Set ‘Anti-goals’ Too
  5. Financial systems take a holiday
  6. Building Meta’s GenAI Infrastructure
  7. Measuring Developer Productivity via Humans
  8. eBPF Observability Tools Are Not Security Tools
  9. LLVM’s ‘RFC: C++ Buffer Hardening’ at Google
  10. C++ safety, in context
Wednesday 2024-03-20 Assorted Links
Assorted Links links
Published: 2024-03-20
Wednesday 2024-03-20 Assorted Links

Assorted links for Wednesday, March 20:

  1. Zalando RESTful API and Event Guidelines
  2. Zally: A minimalistic, simple-to-use OpenAPI 2 and 3 linter
  3. Top 10 common Dockerfile linting issues
  4. 2023 State of DevOps Report: Culture is everything
  5. BPFAgent: eBPF for Monitoring at DoorDash
  6. The Case for Memory Safe Roadmaps: Why Both C-Suite Executives and Technical Experts Need to Take Memory Safe Coding Seriously
  7. P2816R0: Safety Profiles: Type-and-resource Safe programming in ISO Standard C++
  8. SafeInt: A portable library that can be used with MSVC, GCC or Clang to help prevent integer overflows that might result when the application performs mathematical operations.
  9. Bluesky’s Stackable Approach to Moderation
  10. HTTP/2 and HTTP/3 explained
Tuesday 2024-03-19 Assorted Links
Assorted Links links
Published: 2024-03-19
Tuesday 2024-03-19 Assorted Links

Assorted links for Tuesday, March 19:

  1. Platform Engineering: Orchestrating Applications, Platforms, and Infrastructure
  2. Recent troubleshooting cases from our SREs, part 5. An unexpected crash due to unrelated software changes
  3. Elevating Microservices Testing and Development using DynamicEnv
  4. Code Review Security Checklist
  5. OpenSSF Malicious Packages – A collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
  6. 11 Small Search Platforms: Powerful Alternatives to Elasticsearch, OpenSearch, and Solr
  7. Migrating Netflix to GraphQL Safely
  8. Monitoring is a Pain
  9. Classifying Event Driven Architecture
  10. How to Manage Schemas and Handle Standardization
Monday 2024-03-18 Assorted Links
Assorted Links links
Published: 2024-03-18
Monday 2024-03-18 Assorted Links

Assorted links for Monday, March 18:

  1. This Clock Made Power Grids Possible
  2. How we applied advanced fuzzing techniques to cURL
  3. GitHub is enabling secret push protection for all users. This means that, by default, GitHub will detect and help prevent developers from accidentally committing secrets to repositories.
  4. White House: Future Software Should be Memory Safe. The pressure on C/C++ continues to grow.
  5. AI-generated articles prompt Wikipedia to downgrade CNET’s reliability rating. I did not realize that CNET was posting AI-written articles, but I am not shocked.
  6. Solving Cold Start Timeouts with AWS Lambda and API Gateway
  7. Transactions in a Microservice World
  8. Service Delivery Index: A Driver for Reliability
  9. From Blind Spots to Clear Insights: The Evolution of Observability Tools and Practices at Greenlight
  10. Best practices for monitoring static web applications
Friday 2024-03-15 Assorted Links
Assorted Links links
Published: 2024-03-15
Friday 2024-03-15 Assorted Links

Assorted links for Friday, March 15:

  1. Automating data removal
  2. 5 tips for making your GitHub profile page accessible
  3. How to gain insight into your project contributors
  4. Streaming SQL in Data Mesh
  5. Integration testing your container images with Bazel
  6. Zero Configuration Service Mesh with On-Demand Cluster Discovery
  7. Debugging .NET Apps with Time Travel Debugging (TTD)
  8. If P99 Latency Is BS, What’s the Alternative?
  9. Exploring Event-Driven Architecture: A Beginner’s Guide for Cloud Native Developers
  10. A Taste of Policies
Thursday 2024-03-14 Assorted Links
Assorted Links links
Published: 2024-03-14
Thursday 2024-03-14 Assorted Links

Assorted links for Thursday, March 14:

  1. Prometheus and centralized storage: When you need it, how it works, and what Mimir is
  2. Prometheus and its storage: Architecture, challenges, and solutions
  3. ConfigureAwait in .NET 8
  4. The architecture of today’s LLM applications
  5. Automating dead code cleanup
  6. Source Code Management Platform Configuration Best Practices
  7. Visual Studio Code 1.21 Text Buffer Reimplementation
  8. 3 strategies to expand your threat model and secure your supply chain
  9. Memory-Mapped Files and Overlaid Structs
  10. Traffic 101: Packets Mostly Flow
Wednesday 2024-03-13 Assorted Links
Assorted Links links
Published: 2024-03-13
Wednesday 2024-03-13 Assorted Links

Assorted links for Wednesday, March 13:

  1. Q&A: Patrick Debois on the Past, Present and Future of DevOps
  2. Google Zanzibar vs OPA - Graph vs. Code Based Authorization
  3. Infrastructure as Code Will be Written by AI
  4. State of DevOps 2023 Highlights
  5. Incident Response and DevOps in the Age of Generative AI
  6. Threads of the next wave of DevOps
  7. Better DevOps with Generative AI (VMUG 2023 preso)
  8. Adam Jacob Discusses DevOps, Modelling Infrastructure, and Increasing Collaboration
  9. Software Delivery Enablement, Not Developer Productivity
  10. The API Gateway and the Future of Cloud Native Applications
Tuesday 2024-03-12 Assorted Links
Assorted Links links
Published: 2024-03-12
Tuesday 2024-03-12 Assorted Links

Assorted links for Tuesday, March 12:

  1. An intuitive documentation strategy
  2. The Architecture Of Serverless Data Systems
  3. A Practical Guide to Debugging Browser Performance with OpenTelemetry
  4. What Do Developers Need to Know About Kubernetes, Anyway?
  5. Your guide to better incident status pages
  6. Build reliable and secure C++ programs
  7. How GitHub uses GitHub Actions and Actions larger runners to build and test
  8. Releasing Bazel rulesets that publish tools
  9. Second Wave DevOps
  10. The New DevOps With Adam Jacob
Monday 2024-03-11 Assorted Links
Assorted Links links
Published: 2024-03-11
Monday 2024-03-11 Assorted Links

Assorted links for Monday, March 11:

  1. Why courtyard buildings aren’t allowed in Chicago anymore
  2. FUSE Passthrough Support May Land For Linux 6.9 To Help Boost I/O Performance
  3. Upgrading to MySQL 8.0
  4. .NET 8 Networking Improvements
  5. A deep dive into CPU requests and limits in Kubernetes
  6. Surveillance through Push Notifications
  7. Are Containers Only for Microservices? Myth Debunked
  8. How GitHub uses merge queue to ship hundreds of changes every day
  9. Sofia’s Observability Odyssey: The Do’s and Don’ts for Effective Observability
  10. Consistency Models