SLOs and GHGs
Learn how to measure the carbon emissions of your software using service-level objectives and reduce the impact your system has on the planet.
Authors: Bill Johnson
Article shepherded by: Rik Farrow
Oncall: An Equal-Opportunity Waste of Time
Dave O'Connor engages in some spirited book-ripping about how we staff oncall teams.
Authors: Dave O'Connor
Article shepherded by: Laura Nolan
Untangling the Cloud
Draw technical borders to divide your cloud resources into groupings that follow the logical boundaries of your systems and your organization.
Authors: Joshua Fox
Article shepherded by: Laura Nolan
LISA made LISA obsolete (That's a compliment!)
My memories (good and bad) of the USENIX LISA conference.
Authors: Thomas A. Limoncelli
Article shepherded by: Rik Farrow
Experimental Security Analysis of the App Model in Business Collaboration Platforms
These third-party apps that you installed in your Slack/Teams workspace may violate your privacy expectations in many unexpected ways.
Authors: Yunang Chen, Yue Gao, Nick Ceccio, Rahul Chatterjee, Kassem Fawaz, Earlence Fernandes
Article shepherded by: Rik Farrow
Python Distilled
Python Distilled teaches you how to get the most out of Python 3 in a short book with lots of examples and clear explanations.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Wanted Hacked or Patched:
A targeted open source bug bounty initiative that allows users to secure third party code by crowdsourcing the security analysis to external researchers.
Authors: Chujiao Ma, Matthew Bosack, Wendy Rothschell, Noopur Davis, Vaibhav Garg
Article shepherded by: Rik Farrow
Provably-Safe Multilingual Software Sandboxing using WebAssembly
WebAssembly’s safety guarantees are only as strong as the implementation enforcing them. We show two approaches to provably sandbox Wasm code, using formal verification and Rust.
Authors: Jay Bosamiya, Wen Shih Lim, Bryan Parno
Article shepherded by: Rik Farrow
The Sticky Problem of Measuring Passwords
Designing a tool that can take measurements on password has many challenges. We describe the process behind designing Gossamer, a framework for securely measuring passwords.
Authors: Marina Sanusi Bohuk, Mazharul Islam, Thomas Ristenpart, Rahul Chatterjee
Article shepherded by: Rik Farrow
Transcending POSIX: The End of an Era?
We provide a holistic view of the POSIX abstractions by a systematic review of the key factors that drove their evolution, and discuss our perspective of the future.
Authors: Pekka Enberg, Ashwin Rao, Jon Crowcroft, Sasu Tarkoma
Article shepherded by: Rik Farrow
Three Years of Crowdsourcing Smart Home Network Traffic
Examining the security and privacy of thousands of real-world smart home networks using IoT Inspector
Authors: Danny Yuxing Huang
Article shepherded by: Rik Farrow
Musings, July 2022
There is lots of evidence that there are few really good programmers, and Copilot isn't the solution.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Investigating Managed Language Runtime Performance
We instrumented and benchmarked Python and Node.js, finding out just how much slower they can be than Java, Go or C++ and why
Authors: David Lion, Adrian Chiu, Michael Stumm, Ding Yuan
Article shepherded by: Rik Farrow
Redesigning Hardware to Support Security: CHERI
Over a decade of research has resulted in a tool chain and RISC hardware that change pointers from integers to their own, safe, type
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Metastable Failures in the Wild
We find that metastable failures are universally observed and provide an insider view of how they happen at Twitter
Authors: Lexiang Huang, Matthew Magnusson, Abishek Bangalore Muralikrishna, Salman Estyak, Rebecca Isaacs, Abutalib Aghayev, Timothy Zhu, Aleksey Charapko
Article shepherded by: Rik Farrow
What SRE Could Be
SRE could be - should be - much more than it is today. Please help.
Authors: Niall Murphy
Article shepherded by: Laura Nolan
Computer Security and the Internet
This is a security text book that covers a very broad set of topics concisely and clearly.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Jurassic Cloud
Large parts of our “modern” stack are 30+ years old, just like its architectural principles. The result - software dinosaurs roaming the Jurassic Cloud, out of place, out of time.
Authors: Avishai Ish-Shalom
Article shepherded by: Effie Mouzeli
