Better Dev Link

With Seven Things you can do now that will simplify SOC2 for you down the road while making your life, or at least your security posture, materially better in the immediacy.

A very interesting security issue on Slack app. It exploited an HTTP Request Smuggling bug on a Slack asset to perform a CL.TE-based hijack onto neighboring customer requests. You can read more about request smuggling and http desync attachks. If you are using Nginx, your app maybe vulnerable to similar issue. If you are behind AWS Load Balancer or Cloudfront, they already protected you from this.

Have you ever though of digging into Google Chrome code to find bug? It sounds scary. Smart people work on browser engines. But at the end of day, it is just code, and you can understand how it works. The author found some issue by doing steps like fuzzing, a lot of debugging. If they went to source code, they may found bug sooner.

This is a collection of lectures and labs Linux kernel topics. The lectures focus on theoretical and Linux kernel exploration. You will learn about system call, interrupt, and Symmetric Multi-Processing

I was reading Computer Systems: A Programmer’s Perspective the other day and in the chapter on Unix I/O the authors mention that there is no explicit “EOF character” at the end of a file.

a basic search module that you can add to a static website. It’s very lightweight (50kB-100kB gzipped) and should work with Hugo, Zola, and Jekyll. The engine is written in Rust, compile to webassembly using wasm-pack, which also auto-generate the JavaScript code to talk to Wasm. Now, it is time to move further away from JavaScript :-) if you didn’t like it.

A kernel “bug fix” that happened at the end of last year may be killing the performance of your Kubernetes- or Mesos-hosted applications. If you run on K8s or Mesos, or another platform that uses the Linux CFS CPU limits, you are almost certainly getting affected by this issue.

Imagine you have a contiguous array of one billion 32-bit integers in memory. That’s 4 gigabytes. How long will it take to iterate that array and sum the values? How many bytes of contiguous data can a CPU read from RAM per second? How many bytes of random access? How well can it be parallelized

In this series we’ll write a rudimentary database from scratch in Go. We will build a parser, a in-memory engine to query/insert data. Interesting see how we can build a simple SQL engine in such as small amount of code. Even if you don’t write Go, it is still worth your read to see how the parser is implemented.

subtransactions allow you to roll back part of the work done in a transaction. You start a subtransaction inside a transaction with the standard SQL statement. Then using SAVEPOINT to name it and be able to rollback back o that point.

A blog port from Google, presents two examples of employee scheduling problems, and show how to solve them using the CP-SAT solver.