The Art of PNG Glitch
PNG is an image format that has a history of development beginning in 1995, and it is still a popular, long living format. Generally, it is known for its features such as lossless compression and the ability to handle transparent pixels.
However, we do not look at image formats from a general point of view, but rather think of ways to glitch them. When we look at PNG from the point of view of glitch, what kind of peculiarity does it have?
Learning fast elliptic-curve cryptography in JS
If you could characterize state of JS cryptography in one word, it would be: “sad”. Paul has decided create TypeScript libraries that don’t use dependencies & are simple to audit for non-cryptographer. Having no math background, it wasn’t that simple.
Intercepting Zoom's encrypted data with BPF
In author’s word: I wrote a command line tool that uses BPF uprobes to intercept the TLS encrypted data that zoom sends over the network, and here I’m going to show the process I went through to write it. After I wrote this post I made the tool generic so that it can now instrument any program that uses OpenSSL. I published the code at https://github.com/alessandrod/snuffy.
Not all attacks are equal: understanding and preventing DoS in web applications
How do you response to DOS/DDOS attach?
This article tries to cut through those arguments. It provides a framework for engineering and application security teams to think about denial-of-service risk, breaks down DoS vulnerabilities into high-, medium-, and low-risk classes, and has recommendations for mitigations at each layer.
High Speed Hashing for Integers and Strings
These notes describe the most efficient hash functions currently known for hashing integers
and strings. These modern hash functions are often an order of magnitude faster than those
presented in standard text books. They are also simpler to implement, and hence a clear win
in practice, but their analysis is harder.
Under Deconstruction: The State of Shopify’s Monolith
Shopify’s core monolith has over 2.8 million lines of Ruby code and 500,000 commits. Rails doesn’t provide patterns or tooling for managing the inherent complexity and adding features in a structured, well-bounded way.
Shopify founded a team to investigate how to make their Rails monoliths more modular. The goal was to help them scale towards ever increasing system capabilities and complexity by creating smaller, independent units of code they called components.
Code to read
Another Elegant Go Interpreter.
Watch how Gitlab upgraded their Postgres
Last week I included a links to how Gitlab upgrade their database. This is the recording of that process in 2 hours. You gotta see their engineers doing this live :-). It’s interesting to shadow how companies upgrade their database, the trickiest thign to upgrade as always. Require lot of planning and cordination
Diagrams lets you draw the cloud system architecture in Python code
An extensible platform for infrastructure managementa
debugging applications that use postgres as DBMS. It aims to help the user to understand his application by displaying the database events triggered by the application in real time.
yet another rss reader.
That's it for this round, have a great day! If you like this newsletter, please tell the world, or
tweet about this