Hμblog
Looking for a new role. Expertise in cryptography, security, networking, reversing. Dev, ops, security. Amongst other things I've authored a QUIC implementation, a Let's Encrypt client and an RFC. I gave a talk about reverse engineering an Ethernet controller's firmware at 37C3. LinkedIn / contact details.
For those that missed it, a recording of my talk at 37C3 can be found here.
Leah Rowe has written an interesting article about the history of the Libreboot project on the project's 10th anniversary. Recommended reading if you're interested in the open source firmware ecosystem.
Interesting articles by Ryan Hurst about possible improvements to WebPKI security via more certificate transparency (CT)-like technologies. There's also my own writings on CT.
Excellent writeup by Mac Chaffee about how web application firewalls are universally a terrible idea. I've been meaning to write an article on this subject for some time, but this is a good overview of many issues with them.
Interesting writings by Koshka, who has a fantastic Web 1.0/Geocities-esque website of great depth and variation.
Re: my article Web-based cryptography is always snake oil, this is another good article focused on Signal specifically and why it should not be considered trustworthy or secure.
This article on how Apache httpd is actually nice resonated with me a lot; I continue to use Apache myself for reasons I've articulated in the comment above.
Chris Siebenmann has written an interesting response to my article “Producing HTML using string templates has always been the wrong solution”. While I don't necessarily agree with his views, I think it's an interesting response and worth reading. I've also written up my thoughts on the article as an HN comment. (Read more...)
Fascinating writeup on the internal representation of values in Chicken Scheme. The design of value representations in a Scheme implementation needs to balance performance and memory usage while supporting a finite number of value types, so seeing the strategies chosen by a real-world implementation is always interesting. The further reading section provides links to information on the internal representation used by several other languages.
This is an interesting web framework in Go emphasising PHP-esque page-oriented development. The author cites my article The Demise of the Mildly Dynamic Website as inspiration.
This is an interesting writeup about webrings, a now forgotten phenomenon of the early web.
Current listening — while reading Dune. Massive index of ambient noise generators.
This is an interesting alternative compiler for producing Z-Machine images (.z5/.z8), taking inspiration from Prolog.
The author's website also appears an interesting homepage.
I have quite a bit of respect for the fact that this is a successful, real-world program developed using Literate Programming. It's a style of programming which has interested me before, but like many other people, I've found it hard to do in practice, and tools to be lacking.
As an aside, the interactive fiction community is from a technological perspective a fascinating microcosm, including from a CS perspective. You have not just one toolchain, but an entire ecosystem of competing virtual machine specifications (Z-Machine, Glulx, TADS, Hugo), compilers, and source languages, all intending to deliver architecture-independence and the ability to preserve IF for the ages, yet apart from all general-purpose technologies typically used for the task. (Read more...)