System Architecture

System Architecture

8069 bookmarks
Custom sorting
undefined
undefined
Wire your OpenAPI contract into a Node.js Fastify backend with auto-generated routes, typed handlers, and request validation—no manual route definitions, no type drift, no integration surprises.
·evilmartians.com·
undefined
5500FP: A 24-Trit Balanced Ternary RISC Processor
5500FP: A 24-Trit Balanced Ternary RISC Processor
We present the 5500FP, a 24-trit balanced ternary RISC processor implemented on FPGA, with a 120-instruction ISA, native atomic synchronization primitives, and an open hardware development board. The design demonstrates the practical feasibility of balanced ternary computing on modern reconfigurable hardware, providing a concrete platform for research into non-binary architectures without the barrier of custom silicon development.
·zenodo.org·
5500FP: A 24-Trit Balanced Ternary RISC Processor
New Kinds of Applications
New Kinds of Applications
I’ve said in the past that AI will enable new kinds of applications—but I’ve never had the imagination to guess what those new applications would be. I don’t
·oreilly.com·
New Kinds of Applications
Governance: Documentation to support projects
Governance: Documentation to support projects
Explore the delirious rantings of Frederick Vanbrabant. A blog focused on the intersection of Enterprise Architecture, product, and business strategy.
·frederickvanbrabant.com·
Governance: Documentation to support projects
How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection
How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection
Modern kernel anti-cheat systems are, without exaggeration, among the most sophisticated pieces of software running on consumer Windows machines. They operate at the highest privilege level available to software, they intercept kernel callbacks that were designed for legitimate security products, they scan memory structures that most programmers never touch in their entire careers, and they do all of this transparently while a game is running. If you have ever wondered how BattlEye actually catches a cheat, or why Vanguard insists on loading before Windows boots, or what it means for a PCIe DMA device to bypass every single one of these protections, this post is for you.
·s4dbrd.github.io·
How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection
Dear ImGui
Dear ImGui
Dear ImGui homepage
·dearimgui.com·
Dear ImGui
Home · ocornut/imgui Wiki
Home · ocornut/imgui Wiki
Dear ImGui: Bloat-free Graphical User interface for C++ with minimal dependencies - ocornut/imgui
·github.com·
Home · ocornut/imgui Wiki
Token bucket - Wikipedia
Token bucket - Wikipedia
scheduling algorithm for network transmissions
·en.wikipedia.org·
Token bucket - Wikipedia
CoDel - Wikipedia
CoDel - Wikipedia
queue management algorithm for computer network packets
·en.wikipedia.org·
CoDel - Wikipedia
Technical Beauty: jq — Vivian Voss
Technical Beauty: jq — Vivian Voss
In 2012, JSON was the lingua franca of the web and the Unix toolbox had nothing for it. One PhD student at Cambridge wrote a functional language in 510 KB of C. Forty years of flat text tools, plus one for trees.
·vivianvoss.net·
Technical Beauty: jq — Vivian Voss
The Distributed Tax — Vivian Voss
The Distributed Tax — Vivian Voss
A function call costs 0.001 ms. A network call between two microservices costs 1 to 5 ms. That is factor 5,000 before any business logic executes. One rather wonders what one gets for that markup.
·vivianvoss.net·
The Distributed Tax — Vivian Voss
Capsicum vs seccomp: Process Sandboxing — Vivian Voss
Capsicum vs seccomp: Process Sandboxing — Vivian Voss
A compromised process inherits the full authority of the user who launched it. Two operating systems fixed this with opposite philosophies. One removed the doors. The other posted a bouncer.
·vivianvoss.net·
Capsicum vs seccomp: Process Sandboxing — Vivian Voss
WebPKI and You
WebPKI and You
There’s been a push over the last twelve years to move web traffic off unencrypted HTTP to encrypted HTTPS, to protect the general public from dragnet surveillance, gaping assholes on public wifiairpwn, backhauls over unencrypted satellites, that kinda thing. HTTPS relies on a public key infrastructure to make sure only authorized servers have keys for specific websites. [oid]: an OID or “Object IDentifier” is intended [brs]: https://cabforum.org/working-groups/server/baseline-requirements/documents/CA-Browser-Forum-TLS-BR-2.1.8.pdf [crtsh]: https://crt.sh/?q=blog.brycekerley.net [lol-diginotar]: https://en.wikipedia.org/wiki/DigiNotar#Issuance_of_fraudulent_certificates [iv-ocsp]: https://www.imperialviolet.org/2011/03/18/revocation.html [mac-ocsp]: Jeff Johnson’s [crlite]: these use cascading bloom filters which [short-lived]: the CA/BF baseline requirements [trustico-chrome]: https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html [trustico-gone]: https://arstechnica.com/information-technology/2018/03/trustico-website-goes-dark-after-someone-drops-critical-flaw-on-twitter/ [trustico-compromise]: https://groups.google.com/g/mozilla.dev.security.policy/c/wxX4Yv0E3Mk/m/o1cdfx2nAQAJ [enclaves]: Amazon Web Services (AWS) and [history]: i mean, i remember from when it happened [parasite]: You may have realized that I don’t think [van-halen]: https://snackstack.net/2023/07/03/in-search-of-van-halens-brown-mms/ [osi]: I’m not going to hit you with a [responsibility]: in every part of your life! [bloom]: [later]: At time of publishing, it’s March 8, 2026 [hsts]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security [hsts]: This is generally a hardcoded value, [cattle]: “cattle” is when there’s [ari]: https://letsencrypt.org/2025/09/16/ari-rfc [caddy-ari]: I checked Caddy, the front-end server [left]: there may be value in trying to renew [audits]: https://cabforum.org/about/information/auditors-and-assessors/audit-criteria/
·blog.brycekerley.net·
WebPKI and You
Linux Internals: How /proc/self/mem writes to unwritable memory - offlinemark
Linux Internals: How /proc/self/mem writes to unwritable memory - offlinemark
Introduction An obscure quirk of the /proc/*/mem pseudofile is its “punch through” semantics. Writes performed through this file will succeed even if the destination virtual memory is marked unwritable. In fact, this behavior is intentional and actively used by projects such as the Julia JIT comp
·offlinemark.com·
Linux Internals: How /proc/self/mem writes to unwritable memory - offlinemark
Governance: Documentation as a Knowledge Network
Governance: Documentation as a Knowledge Network
Explore the delirious rantings of Frederick Vanbrabant. A blog focused on the intersection of Enterprise Architecture, product, and business strategy.
·frederickvanbrabant.com·
Governance: Documentation as a Knowledge Network
Message Passing Is Shared Mutable State — Causality
Message Passing Is Shared Mutable State — Causality
The failure of message passing to eliminate concurrency bugs wasn't surprising, it was predicted. Edward Lee argued in 2006 that the shared-memory vs. message-passing debate was a false dichotomy. Go was a billion-dollar natural experiment. The results confirmed the prediction.
·causality.blog·
Message Passing Is Shared Mutable State — Causality
Anonymous credentials: an illustrated primer
Anonymous credentials: an illustrated primer
This post has been on my back burner for well over a year. This has bothered me, because every month that goes by I become more convinced that anonymous authentication the most important topic we c…
·blog.cryptographyengineering.com·
Anonymous credentials: an illustrated primer