-
Subtleties of xargs on Mac and Linux
xargs
is one of my go-to tools in Unix. It reads lines from stdin and executes another command with each line as an argument. It’s very useful to glue commands together. -
The REPL: Issue 26 - September 2016
Microservices – Please, don’t
Sean Kelly writes a cautionary post about microservices, organized into debunking 5 fallacies that he has encountered about microservices: They keep the code cleaner, they are easy, they are faster, they are simple for engineers and, they scale better.
The science of encryption: prime numbers and mod n arithmetic
While looking into Apache Milagro, I found a link to this short paper on the math behind public-key cryptography. It’s a great introduction, or refresher, to the mathematics that makes the secure web work. The paper itself has no author information, but the URL suggests that it written by Kathryn Mann at the University of California at Berkley.
Concurrency in Ruby 3 with Guilds
Olivier Lacan has a great explanation of Koichi Sasada recent proposal for bringing better parallelism to Ruby 3. The proposal is to introduce a new abstraction, called Guilds that is implemented in terms of existing Threads and Fibers, but can actually execute in parallel, because they have stronger guarantees around accessing shared state. In particular, guilds won’t be able to access objects in other guilds, without explicitly transferring them via channels. It’s exciting to think about Ruby’s performance not being bound by the Global Interpreter Lock (GIL).
-
Goodbye StartSSL, Hello Let's Encrypt
Mozilla is considering taking action against two Certificate Authorities, WoSign and StartCom after an investigation into improper behavior, including not reporting that the WoSign bought StartCom outright.
-
Redirecting To An External Server May Leak Tokens In Headers
While working on an HTTP API that serves binary files to client applications, I came upon some unexpected behavior.
-
The REPL: Issue 25 - August 2016
Types
Gary Bernhardt writes a great article on types, type systems and the differences in typing in different programming languages. He clarifies some of the adjective commonly associates with types: static, dynamic, weak, strong. It’s a very interesting read, as are some of the comments in the gist. Gary has also re-started his Destroy All Software screencast series: I haven’t watched any of the new ones, but I learned a lot from the old ones.
CloudFlare, SSL and unhealthy security absolutism
Troy Hunt explores the services that CloudFlare provides as a content delivery network (CDN), in particular with respect to SSL (or, more properly, TLS). As with most interesting things in life, it’s not black and white: CloudFlare is not evil – like some recent blog post claim – and provides valuable services, but users need to be aware what the security guarantees are, or more importantly what they are not. Security is hard and nuanced. The more you know…
The Log: What every software engineer should know about real-time data’s unifying abstraction
In the last few weeks I have been reading a lot on data pipelines. Many companies have been moving from centralized databases for all their data to distributed systems that present a set of challenges. In particular: How to make the data produced in one system available to other systems in a robust and consistent manner. In this articles Jay Kreps explains the Log in detail – the underlying abstraction necessary to understand database systems, replication, transactions, etc. The Log, in this context, refers to a storage abstraction that is append-only, totally-ordered sequence of records, ordered by time. The article is long, but thorough and absolutely worth your time. Many of the concepts are similar to what is described on a post about Apache Samza, also a enlightening read.