1_DevOps'ish

1_DevOps'ish

56200 bookmarks
Custom sorting
How I hunt for vulnerabilities with AI | ClickHouse
How I hunt for vulnerabilities with AI | ClickHouse
I'm an experienced software engineer, but I'm not a seasoned bug bounty hunter. I used GitHub Copilot in combination with Claude Opus and Gemini models to search for vulnerabilities in the ClickHouse codebase, generate hypotheses, and speed up validation.
·clickhouse.com·
How I hunt for vulnerabilities with AI | ClickHouse
I don't wonder how this happens after two decades of experience in infra roles. I've seen things! | Nearly a million passports just exposed on the public internet—and anyone could access them with a simple URL
I don't wonder how this happens after two decades of experience in infra roles. I've seen things! | Nearly a million passports just exposed on the public internet—and anyone could access them with a simple URL
Nearly one million passports and driver's licenses from multiple countries were left unprotected online with zero password protection. Here's what happened.
·cambridgeanalytica.org·
I don't wonder how this happens after two decades of experience in infra roles. I've seen things! | Nearly a million passports just exposed on the public internet—and anyone could access them with a simple URL
Cynthia Brumfield (@metacurity.com)
Cynthia Brumfield (@metacurity.com)
The revised targeting principles, approved without public disclosure in April, envision “systems where AI initiates actions with human monitoring,” instead of “‘human in the loop’ systems, in which a human initiates actions.” https://www.bloomberg.com/news/articles/2026-06-25/pentagon-sees-broader-role-for-ai-in-setting-military-targets
·bsky.app·
Cynthia Brumfield (@metacurity.com)
All you need is PostgreSQL
All you need is PostgreSQL
Introduction The setup Laying the foundation The foundation: schemas and user roles for modularity Domains Accounts, managed and external Transfers, constrained by a state machine and temporal periods Transfer state history Account auditing Transactions, the immutable events On maintaining business rules via meaningful constraints The transfer state machine Transactions must fall within the transfer period Pending transactions require a pending transfer No future transactions when closing a transfer On capacity planning Working set estimation On write throughput Enabling HOT Updates for Transfers Making sure there are no Unused indexes OLTP Listing The history of a transfer OLAP Balance ledger Incremental maintenance via triggers On serializable isolation On decoupling Benchmarking the startup scenario Seed data Write script: full transfer lifecycle Read script: activity stream and balance Running the benchmark Results Conclusion Appendix A: Full code suite. Introduction There is a deep cultural reflex in modern engineering: whenever a problem appears, reach for a packaged solution instead of thinking from first principles. The result is architectural cargo culting and lots of missed opportunities. Some intentionally absurd-but-familiar examples:
·ebellani.github.io·
All you need is PostgreSQL
cssQuake - Powered by PolyCSS
cssQuake - Powered by PolyCSS
Play a browser Quake port rendered as inspectable HTML and CSS 3D geometry through PolyCSS, with no WebGL or canvas renderer.
·cssquake.com·
cssQuake - Powered by PolyCSS
Framework's 10G Ethernet module exposes USB-C's complexity
Framework's 10G Ethernet module exposes USB-C's complexity
I've been following WisdPi's development of various 5 Gbps and 10 Gbps Ethernet adapters for the past couple years. They use newer Realtek Ethernet chips, which sometimes have performance quirks—most frequently encountered under Linux. In today's video, I tested the new WisdPi 10G Ethernet Expansion Card for Framework computers. It fits in any available Framework Expansion slot—even on the Framework Desktop. But Expansion Cards use USB-C for their connection to the mainboard—and therein lies the rub...
·jeffgeerling.com·
Framework's 10G Ethernet module exposes USB-C's complexity
Open Letter | Akrites
Open Letter | Akrites
An open letter from the technology industry, and the launch of Akrites - a coordinated effort to remediate vulnerabilities in the open source software the world runs on.
·akrites.org·
Open Letter | Akrites
Om Malik, 1966-2026
Om Malik, 1966-2026
Om Malik passed away on June 24, 2026, at Stanford Hospital after a long health journey with his heart. He was surrounded by family and friends. We invite you to share your remembrances of Om in th…
·om.co·
Om Malik, 1966-2026
How Do You Know When an AI Agent Has Gone Rogue? | Built In
How Do You Know When an AI Agent Has Gone Rogue? | Built In
Discover why traditional guardrails fail to stop AI agent breaches. This deep dive analyzes the 5 stages of agent failure — from prompt injection to memory poisoning — and why execution must remain deterministic.
·builtin.com·
How Do You Know When an AI Agent Has Gone Rogue? | Built In
We’re making Bunny DNS free
We’re making Bunny DNS free
Your DNS bill shouldn't scale with your traffic. So we removed query fees from Bunny DNS entirely. No per-request billing and no query limits.
·bunny.net·
We’re making Bunny DNS free