System Architecture

This means that if you were always poor — you function differently than those with abundant resources. But if you were rich before and then suddenly plummeted to poverty — your brain goes into a full-on scarcity mindset.

Sometimes solving a simple problem can lead to interesting places…

Original Source for Self-Sovereign ID + Sovereign Source Authority + Human Rights in Sovereign context defined by "Owning Root" authority structurally

Original Source for Self-Sovereign ID + Sovereign Source Authority + Human Rights in Sovereign context defined by "Owning Root" authority structurally

One of the first uses of the BPF virtual machine outside of networking was to implement access-control policies for the seccomp() system call. Since then, though, the role of BPF in the security area has not changed much in the mainline kernel, even though BPF has evolved considerably from the "classic" variant still used with seccomp() to the "extended" BPF now supported by the kernel. That has not been for a lack of trying, though. The out-of-tree Landlock security module was covered here over three years ago. We also looked at the kernel runtime security instrumentation (KRSI) patch set in September. KP Singh has posted a new KRSI series, so the time seems right for a closer look.

and making my website faster in the process

Posted on Thursday 4 Aug 2022. 3,669 words, no links. By Matt Webb.

SWC is an extensible Rust-based platform for the next generation of fast developer tools. It's used by tools like Next.js, Parcel, and Deno, as well as companies like Vercel, ByteDance, Tencent, Shopify, and more.

Ampere Computing® - Creator of the first cloud native processors – the 80 core Ampere® Altra® and 128 core Ampere® Altra® Max CPUs and Server Systems

With its chips recently adopted by Google Cloud and HPE, Ampere Computing is giving ARM-based chips the kind of server breakthrough that has eluded other chip companies. These companies' backing provides a big boost to the entire ARM server ecosystem.

This article will discuss best practices for secrets management in the context of continuous integration delivery workflow.

Management planes can become a happy ops medium that saves developers days or weeks of time wasted on configuration management, security design and more.

Software is not actually eating the world, but it is absolutely smashing out of appliance-style boxes and creating a massive, interconnected overlay atop

Giving developers more power in the software development life cycle yields tremendous benefits for both developers and the companies they work for

But there are challenges to adopting a machine learning model registry. We found that to address those challenges, a model registry with a GitOps-based approach was needed.

The Linux Security Module (LSM) subsystem works by way of an extensive set of hooks placed strategically throughout the kernel. Any specific security module can attach to the hooks for the behavior it intends to govern and be consulted whenever a decision needs to be made. The placement of LSM hooks often comes with a bit of controversy; developers have been known to object to the performance cost of hooks in hot code paths, and sometimes there are misunderstandings over how integration with LSMs should be handled. The disagreement over a security hook for the creation of user namespaces, though, is based on a different sort of concern.

MinIO has accused Nutanix of actively misleading industry and financial analysts by telling them it was no longer using MinIO code in its Objects product when in fact it was, or so it’s claimed. MinIO CFO Garima Kapoor followed up her first blog accusing Nutanix of open source code license infractions with a second. In […]

Posts in this series: A Case StudyDesigning Authentication SchemesAuthorizing Client ApplicationsBuilding the ServerFull example In the last couple of posts, we looked at authentication and authorization options and picked some strategies for each. With those pieces chosen, we can now set about building our server and client applications as well