Thursday, May 09, 2019

[Links of the Day] 09/05/2019 : Algorithms discrimination, Generalised solution to distributed consensus, P2P Docker registry

  • Discrimination in the Age of Algorithms : Machine learning has a huge potential, both for good and evil. The most perfidious is discrimination from an opaque algorithm, as proving that the algorithm is discriminative becomes extremely hard post-hoc. 
  • A generalised solution to distributed consensus : this result will rapidly become the first thing taught in every single distributed systems class. And if this holds as a generalization of trustful distributed consensus as a field, then she has defined its Turing Machine equivalent. And it is even remarkably easy to understand!
  • kraken : P2P Docker registry capable of distributing TBs of data in seconds

Tuesday, May 07, 2019

[Links of the Day] 07/05/2019 : JIT runtime for WASM, Advanced Distributed Command Dispatch, Data templating for all

  • WasmTime : Standalone JIT-style runtime for WebAsssembly, using Cranelift
  • Brighter : Command Dispatcher, Processor, and Distributed Task Queue
  • Jsonnet : A data templating language for app and tool developers. This seems to hit a sweet spot for app configuration and tools. Often a lot of microservices/ apps have chained dependency in their configuration and we are still forced to write and maintain each of these configuration files separately. Jsonnet helps you solve that issue.

Thursday, April 18, 2019

[Links of the Day] 18/04/2019 : Decentralised networks made easy, Reload Linux system over ssh, Self Hosted push notification

  • Octopus : Octopus allow you to streamline the creation of decentralized networks.
  • reload.sh : Wipe, reinstall or restore your system from running GNU/Linux distribution. Via SSH, without rebooting. 
  • Gotify : A self-hosted push notification service. But beware as worth noting that this will use a noticeable amount of power more than Google cloud messaging. Google/Apple and others have special deals with carriers that might make such solution cost prohibitive.


Tuesday, April 16, 2019

[Links of the Day] 16/04/2019 : L3 VPN gateway, NSA reverse engineering toolkit, Proof of History based block-chain

  • Vita : high-performance L3 VPN gateway you can use to interconnect your networks.
  • Ghidra : the first real competitor to IDA Pro, the extremely expensive and often pirated state-of-the-art software for reverse engineering.
  • Solana : bold claim from the authors as they claim to support 710,000 tx/s with off-the-shelf hardware and no sharding. This seems to be enabled by leveraging proof od history mechanism rather than the traditional proof of work that bitcoin and al. use.


Tuesday, March 05, 2019

[Links of the Day] 05/03/2019 : RDMA for containers, K8s for hobbyist, OpenSource mobile core network

  • FreeFlow : virtual RDMA networking purely with a software-based approach using commodity RDMA NICs for containers. 
  • K8s clusters for hobbyist : how to setup and operate a fully functional, secure Kubernetes cluster on a cloud provider such as Hetzner Cloud, DigitalOcean or Scaleway.
  • Magma : open-source software platform that gives network operators an open, flexible and extendable mobile core network solution.

Thursday, February 21, 2019

[Links of the Day] 21/02/2019: Database Internals, Fosdem 2019 Videos, Cloud Programming Simplified

  • Database Internals ; excellent series delving into the internal mechanism and algorithm of modern and not so modern database systems.
  • Fosdem 2019 Videos: Fosdem 2019 conference video start to filter through on the interweb
  • Cloud Programming Simplified: A Berkeley View on Serverless Computing paper which gives a quick history of cloud computing, including an accounting of the predictions of the 2009 Berkeley View of Cloud Computing paper, explains the motivation for serverless computing, describes applications that stretch the current limits of serverless, and then lists obstacles and research opportunities required for serverless computing to fulfil its full potential.

Tuesday, February 19, 2019

[Links of the Day] 19/02/2019: Headless Jenkins, Organising AWS accounts, 10-tier microservices architecture demo

  • jenkinsfile-runner : run your Jenkins file in headless mode. This is fantastic if you want to offer a quick way to test your pipeline locally or even offer Jenkins as a function.
  • Organizing enterprise AWS accounts: a very good intro on how, what, and why partitioning your AWS accounts.
  • 10-tier microservices architecture demo : shows how to build a website using a 10-tier microservices architecture—Kubernetes/GKE, Istio, Stackdriver, Skaffold, gRPC and OpenCensus—where each tier is written in a different language—Go, C#, Node, Python, Java, Python—all connected using gRPC, deployable using with little or no configuration. Microsoft has a similar example and lets me tell you I am sure that somewhere there is an exec that gave it a look and mandated a poor dev team to deliver the same for its company website while using their own private cloud ( he has to justify buying all those servers a couple of years ago)


Thursday, February 14, 2019

[Links of the Day] 14/02/2019: golang fast HTTP , virtio shared file-system, enclave application

  • FastHTTP : like net/http but up to 10x faster . Zero memory allocation on a fast path. When you really really need to go fast and the standard golang lib is not enough.
  • Virtio-fs : shared file system build on top of the virtio framework. Finally a good way of sharing files and data between the host and the guest VM or between guests [git].
  • Asylo : I recently came across the concept of enclave applications. An enclave is a special execution context where code can run protected from even the OS kernel, with the guarantee that even a user running with root privileges cannot extract the enclave’s secrets or compromise its integrity. It relies on Intel SGX or ARM trustzone security hardware feature to protect the runtime operation of the process. This might be the next security level for highly regulated industries that want to deploy in a public cloud environment which will completely eliminate a lot of the conundrum that they currently face.

Tuesday, February 12, 2019

[Links of the Day] 12/02/2019 : Product management search engine, BI made easy, Test Fuzzing infrastructure

  • Product Management Search Engine: product management is a rather important part of the R&D lifecycle. Now you have a search engine for article and documentation in that specific domain.
  • Blazer : easily create charts and dashboard to share. 
  • ClusterFuzz: google fuzzing infrastructure. Fuzz testing at scale, when coupled with OSS-fuzz you end up with a fantastic tool for finding bugs in code especially buffer overflow.


Tuesday, February 05, 2019

[Links of the Day] 05/02/2019 : git absorb, Interactive SICP, Geek gone criminal mastermind

  • git-absorb: git commit --fixup, but automatic.
  • interactive SICP : interactive versions of Structure and Interpretation of Computer Programs. If you want to dig even further this book is interesting as it is beautiful to read.
  • Techy gone criminal mastermind: a long read on how the (maybe) coder behind the TrueCrypt software became a drug lord. OK.. looks like he started really early down the criminal tech path: Lulu told me that when Le Roux was 15 or 16, in the late 1980s, the local police raided the family home and arrested Paul for selling pornography online.


Thursday, January 31, 2019

[Links of the Day] 31/01/2019 : Evidence based management, real time data streams analysis, proxy firewall with deep protocol analysis

  • Evidence-Based Management Guide : agile meet KPI scorecards ... Some interesting concept, but I am wary of the current trends of anything can be solved by X + Z in management... 
  • Confluo : real-time distributed analysis of multiple data streams. Confluo simultaneously supports high throughput concurrent writes, online queries at millisecond timescales, and CPU-efficient ad-hoc queries via a combination of data structures carefully designed for the specialized case of multiple data streams, and an end-to-end optimized system design.
  • Zorp : open source proxy firewall with deep protocol analysis. If you want to be nice and cosy on a deep and meaningfull level with your traffic. This is for you. With Zorp you can control, inspect and modify traffic at the application layer.



Tuesday, January 29, 2019

[Links of the Day] : 29/01/2019 : Agile BS, K8s and Serverless failure stories


  • Detecting Agile BS : short sweet and straight to the point. Most companies out there are doing Agile BS. Very few really understand what it takes and even when they do they often assume that carpet bombing the approach across every practice will work... Waterfall model has its place, it all depends on your context and objectives.
  • Kubernetes Failure stories : K8s fail and stuff go bad
  • Serverless Failure stories : Well serverless fail too and stuff go bad ( and can cost you a lot of money )






Thursday, January 24, 2019

[Links of the Day] 24/01/2019 : Txt Message Path, Pro Git Book, IT Postmortems collections

  • The route of a text message : fantastic post taking you down the path that a text message goes through, from typing to sending it over the airwave and back to the recipient phone. 
  • Pro Git : excellent and free book on Git. A must read for anybody that interact daily with this awesome tool.
  • Postmortems : a collection of outage postmortems from big and small companies.



Tuesday, January 22, 2019

[Links of the Day] 22/01/2019 : Bash CheatSheet , Github Actions, Decision Tree Lib

  • Bash scripting cheatsheet : if you are like me and you always need to double check how to test a variable in bash .. this cheat sheet is for you. Also, you can probably any cheatsheet you need on the main page.
  • Awesome-Actions : Github actions are all the rage. And this awesome git repo provides you all the cool kid's actions out there.
  • DtreeViz : python library for decision tree visualization and model interpretation.


Tuesday, January 15, 2019

[Links of the Day] 15/01/2019 : Incident Response best practice, Database Schema Crawler, Fingerprinting TLS

  • ja3 : something I discovered recently. Apparently, you can fingerprint SSL and TLS session in order to identify the service being run behind the encrypted socket. Really awesome if you want to spot malware or bitcoin miner on your network. Or pretty much any other services as long as you have a fingerprint to compare with.
  • SchemaCrawler : a cool tool for database schema discovery. This is a must when you have to take on board a legacy DB system that lacks clear documentation. 
  • Incident response : pager duty open sourced they incident response process. This is a really great set of tools, process and best practice for incident response. What is even more eye-opening is the part the describe the incident resolution scenario that didn't work and point out some great anti-patterns. A must read for any SRE team out there and anybody else that has an on-call duty and their managers.


Thursday, January 10, 2019

[Links of the Day] 10/01/2019 : High performance stream engine, Golang security links and a modern back orifice written in Go


  • Trill: high-performance one-pass in-memory streaming analytics engine. This seems like a highly versatile and performant streaming engine. The team behind it is making some bold claims regarding its capability ( see table below). I think that this architecture is promising, however, the .net language might put some people off.
  • Go Security link : loads of golang related security links 
  • Merlin : a cross-platform command and control server and agent. If you have used back orifice in the 90s. You will know what this tool offers :)



Tuesday, January 08, 2019

[ Links of the Day] 08/01/2019: Turn video into comics, Social impact of IoT, and Microservices orchestration DSL


  • Comixify: Transform video into a comics with the power of machine learning. This is a really cool concept and the results are surprisingly good.
  • A Storm in an IoT Cup : the authors look at the emergence of social machines where human interactions and relationship is made increasingly more complex with the rapid adoption of the Internet of Things. 
  • Baker : a library by ING bank that aims at reducing the efforts to orchestrate (micro)services process flows. The objective is to bring everybody from the product owners, architects and developers to talk the same language by relying on a unique service based processed workflow. While in itself it is not revolutionary. The DSL principle allows greater reusability of microservices as well as facilitating the comprehension and review of complex workflows.