Selected pieces. Full length.
Handpicked articles from my LinkedIn writing, republished here in their entirety. For the full series overview, see Writing.
Software used to ship when it was ready. Now it ships when the sprint ends. Chrome halved its release cycle twice. CrowdStrike pushed one update and crashed 8.5 million machines. The invoice for velocity is permanent instability.
BEM was invented at Yandex to stop CSS from breaking across 100 services. The industry adopted it to name twelve classes on a landing page. A naming convention copied without the problem it solved.
72% of the web runs on PHP. Not an accident. But the web has moved: persistent connections, live pushes, minimal memory. Five languages, one task, a 128x difference in memory. Two survive. One has a garbage collector. The other does not.
In 2012, JSON was the lingua franca of the web and the Unix toolbox had nothing for it. One PhD student at Cambridge wrote a functional language in 510 KB of C. Forty years of flat text tools, plus one for trees. 822 KB.
A compromised process inherits the full authority of the user who launched it. Two operating systems fixed this with opposite philosophies. One removed the doors. The other posted a bouncer. Same browser, same threat model, two answers.
GraphQL was built at Facebook for the News Feed: hundreds of content types, three platforms, billions of requests. REST is 50% faster on relational databases. 34x faster with eager loading. You have 12 endpoints. The performance tax, itemised.
Software used to come on a disc. A bug on a pressed CD was a recall, not a hotfix. Then the internet removed the disc, and methodology made "never finished" respectable.
In 2012, you could buy Adobe Creative Suite for $2,599. You owned it. In 2026, you pay $660 per year and own nothing. You were not upgraded. You were expropriated. The subscription invoice, itemised.
Europe wants digital sovereignty but builds on a kernel governed by US corporations. 84.3% of Linux commits, $500K board seats, and a 2024 precedent that proved jurisdiction trumps community.
Docker solved deployment. Then the industry decided it also solved development. On macOS, that means running a Linux VM to execute a process that runs natively. The engineering equivalent of driving to your neighbour's via Heathrow.
For twenty-three years, CSS could only look downward. A parent styled its children. Never the reverse. In 2023, three pseudo-classes changed the direction of the cascade entirely.
The demoscene taught a generation that constraint is not limitation; it is method. Every instruction must justify its presence. The same principle applies to production software.
1976. Stuart Feldman writes make in a weekend. Targets, dependencies, timestamps. Three concepts. Fifty years. Same algorithm. The industry responded with fourteen replacements. make still builds kernels.
Unix had single responsibility, API contracts, message queues, and service discovery in 1973. The industry repackaged it and called it microservices.
558 KB median JavaScript per page. 44 per cent never executes. Mobile parses 25x slower than your dev machine. The thermal throttling feedback loop and the battery invoice, itemised.
Six developers, 80 hours of sprint, 18 hours of ceremonies. A Scrum Master who costs $126k and requires no technical prerequisites. The co-creator says 75 per cent will fail. The Scrum invoice, itemised.
22.5 million npm installs per week for JavaScript that recreates the native dialog element. Focus traps, escape handlers, backdrop overlays, ARIA semantics. Every browser ships it. Since 2022. Zero kilobytes.
A psychologist at Bell Labs writes a text editor that never opens a file. 53 years later, it runs everywhere. 25 commands, two buffers, one pass. Turing complete. The substitution syntax became internet grammar.
FreeBSD init runs on 178 shell scripts and one shared library. systemd ships 690,000 lines of C across 150 compiled binaries. Both start services. One of them also replaced sudo.
Webpack solved a 2012 problem that ES Modules natively solved in 2017. esbuild is 106x faster. Vite cold-starts in 1.7 seconds. The bundler that bundles your patience, itemised.
MongoDB stores relational data in a document store, then spends a decade rebuilding the relational features it discarded. The Aggregation Pipeline is proprietary SQL. Mongoose is the schema you removed. The invoice, itemised.
In 1994, Kent Beck wrote SUnit to test isolated units of logic. By 2015, the industry had turned his invention into a coverage KPI. 400 tests green, checkout broken. The mocks should have been the clue.
CSS Cascade Layers end the two-decade specificity war permanently. One declaration line sets the hierarchy. Layer order outranks specificity. No more !important, no inline styles as nuclear option.
HTTP/1.1 made bundling necessary. HTTP/2 made it obsolete. Multiplexing, granular caching, and the rule that inverted itself a decade ago. The fastest bundle might be no bundle at all.
Same ZFS, same commands, radically different experience. On FreeBSD, bectl is in base, the bootloader understands boot environments natively, and recovery takes 30 seconds. On Linux, ZFS is a legal grey area bolted on from outside.
82 per cent of container users run Kubernetes in production. The control plane demands 12-24 GB RAM before your app serves one request. CPU utilisation: 10 per cent. 34 workdays per year troubleshooting. The performance tax, itemised.
The job description is admirably brief: a request arrives, HTML leaves. And yet, a quarter century of accretion has produced something rather more elaborate.
ORMs hide complexity instead of eliminating it. They promise database portability you will never use and obscure queries you should understand. SQL has worked since 1974. Your ORM will be deprecated before your queries are.
Docker did not solve a technical problem. It monetised a political one. Linux could not agree on a base system, so the industry shipped the entire OS with every application. The invoice, from 1979 to 2026.
OOCSS arrived in 2009. BEM arrived in 2010. Both produce identical specificity (0,1,0). One reads like a sentence. The other reads like a German compound noun. Five prefixes, one meaning each, and the naming convention the industry should have adopted.
In 1979, Trygve Reenskaug invented MVC for Smalltalk desktop applications. Then Ruby on Rails borrowed the terminology for the web. One small problem: the web works rather differently.
Salvatore Sanfilippo built Redis in 2009. Single-threaded by design. One event loop, no locks. 100,000+ operations per second on modest hardware. Sub-millisecond latency. The industry believed concurrency requires threads. Redis proved it requires architecture.
Jeff Bonwick and Matthew Ahrens built ZFS at Sun Microsystems in 2005. Filesystems trusted hardware that lies. ZFS trusts mathematics instead. Copy-on-Write, end-to-end checksumming, instant snapshots. The filesystem that verifies everything.
Theo de Raadt forked SSH in 1999. The original was accumulating licence restrictions and complexity. OpenSSH stripped it down, audited everything, and assumed the network is hostile. 32 million servers. 25 years. One serious vulnerability. The paranoia paid off.
"Give teams autonomy." Four teams, four frameworks, four pipelines, four security postures. A cross-team feature ships in month three. Conway's Law called. Nobody answered.
In 2010, vanilla JavaScript built the web. In 2026, a React Hello World installs 2,839 packages. The supply chain, the bundle, and the native APIs that were there all along.
Serverless is not serverless. It is MicroVMs with amnesia, vendor lock-in with four incompatible dialects, and cold starts that cost more than the server you were trying to avoid. The invoice, itemised.
Andrew Tridgell had a problem in 1996: synchronising files over slow links. The naive approach copies everything. rsync splits files into chunks, computes rolling checksums, and transfers only the differences. 29 years. One algorithm. No vendor. No subscription.
Fabrice Bellard started FFmpeg in 2000. The multimedia world was fragmented: dozens of proprietary formats, incompatible codecs, expensive licensing. FFmpeg handles every format ever created. 1.5 million lines of C. Powers YouTube, Netflix, VLC, Spotify. Everything else is a wrapper.
For three decades, CSS lied about lightness. HEX told you nothing. HSL promised perceptual uniformity and delivered optical illusion. OKLCH, light-dark(), and Relative Color Syntax fix the problem. No JavaScript. No media queries.
Docker needs a daemon, image layers, a registry, overlay networks, and volume mounts. FreeBSD Jails need a directory and a config file. Native kernel isolation since 2000. ZFS snapshots in milliseconds. No daemon. No images. No layers. The replacement, not the alternative.
After 20 years of PHP, I needed something new for backend work. Everyone said Go. I chose Rust instead. The compiler is your private tutor. No null, no exceptions, no garbage collector. One binary. A twentieth of the memory.
Fresh server, SSH open, auth.log fills up. Linux reaches for fail2ban , a Python daemon that parses logs after the fact. FreeBSD solves it in four lines of pf.conf, in the kernel, before the attacker finishes the first attempt.
FreeBSD runs Linux binaries natively. No emulator. No VM. No container. The kernel translates syscalls in real time, at less than 1% overhead. Since 1995. The reverse does not exist. The door swings one way.
ECMAScript is a complete language. Types are not missing from JavaScript: they were never part of the specification. A preference and a deficiency are not the same thing.
45-minute pipelines, 20 per cent of the work week lost to YAML, and a supply chain that leaked 23,000 repositories of secrets. The pipeline is not the solution. It is the longest-running workaround in the industry.
25,000 lines of C. A 200 KB binary. Embedded in World of Warcraft, Lightroom, nginx, Redis, Neovim, Roblox, Nmap. Born from Brazilian trade barriers. MIT licence. Include one header, link one library, call lua_pcall().
Over eight episodes we dissected individual performance problems. Stand back far enough and a shape emerges. The same shape, every time. Today we name it.
65,536 bytes. Three people. A real-time rendered film with physically-based rendering, volumetric lighting, procedural everything, and a synthesised soundtrack. No external assets. Twenty bytes under the limit.
Complete audit trail! Time travel! Never lose data! A shopping cart with 10 items produces 13+ events. A 3 TB replay takes 10 hours. The inventor wrote a book about one sub-problem. The event sourcing invoice, itemised.
SSH plus shell replaces Ansible, Python, YAML, Jinja2, inventory files, role dependencies, and Galaxy collections. OpenSSH since 1999. Shell since 1971. Both outlive every automation tool.
Razor 1911, founded 1985. Their 2012 demo is 64 kilobytes of irony: CRT scanlines, Dubmood's soundtrack, and a running gag the demoscene has been telling itself for three decades. UNESCO cultural heritage. Still not dead.
Story points were invented to stop managers converting estimates into deadlines. Then the industry converted story points into deadlines. The inventor apologised in 2019. The industry carried on. Goodhart's Law, dressed in a Fibonacci sequence.
One loop. One file. Every minute. Since 1975. Ken Thompson wrote the first version at Bell Labs. Paul Vixie rewrote it in 1987. 2,500 lines of C. No dependencies. The modern alternative requires Kubernetes. cron requires a text file.
4,096 bytes. A complete audiovisual experience: procedural geometry, synthesised soundtrack, real-time rendering. Prismbeings proved in 2018 that limitation breeds creativity. The demoscene is UNESCO cultural heritage. Hardly anyone noticed.
"Pay only what you use." The bill is 47 pages and requires a FinOps specialist to decode. Netflix uses AWS for the back office. For delivering video to 260 million subscribers: FreeBSD, jails, bare metal.
React ships 142 KB before your code runs. The browser ships querySelector, addEventListener, Web Components, Proxy, and fetch. Zero kilobytes. The framework was always there.
Poul-Henning Kamp built FreeBSD Jails in 1999. Kernel-level isolation, near-zero overhead, native ZFS integration. Stable API for 25 years. No daemon, no overlay network, no orchestration layer. 14 years before Docker, the problem was already solved.
CSS-in-JS is writing CSS in JavaScript to generate CSS. The runtime overhead, the 13 KB library tax, hydration roulette, and the browser that understood you all along. Since 1996.
Sass was revolutionary in 2012. Variables, nesting, functions. In 2026, CSS does all of it natively. No build step. No node-sass conflicts. No dart-sass migration. The bridge has arrived.
"But it's just one dependency!" That sentence has done more damage to software security than any zero-day exploit. It installs 1,400 packages before your kettle has boiled.
"We need a Single Page Application." A perfectly reasonable sentence, provided one does not ask the follow-up question. But let us ask it anyway.
Igor Sysoev built nginx in 2004 because Apache's thread-per-connection model was architecturally wrong. Event-driven, pure C, no framework. 10,000 connections on a single process. 34 per cent of all websites. F5 Networks paid $670 million. Still the correct architecture.
Angular is the SAP of frontend frameworks. Zone.js monkey-patches 30+ browser APIs, a Hello World ships 500 KB, and Google builds Angular but does not use it. The performance tax, itemised.
Divide and conquer. The oldest strategy of control. Fragment the opposition. Isolate the units. They call it Agile.
81 resource types. 200 lines of YAML to replace one systemctl command. A platform team before your first customer. The Kubernetes invoice, itemised.
Daniel Stenberg released curl in 1998. 26 years, zero breaking changes, one dependency: libc. Runs on 10+ billion devices. 180,000 lines of C, 30+ protocols. Every HTTP library wraps libcurl. The bedrock the industry pretends it built itself.
Michael Stonebraker built POSTGRES at Berkeley in 1986. Minimal core, everything extensible. 38 years, 17 major versions, same BSD licence. No corporate owner, no licence changes. The extension architecture that outlasted every trend.
Linus Torvalds built git in ten days. 10 MB, no server, no database, no dependencies beyond libc. Content-addressable, distributed, backwards compatible since 2005. The tooling around it weighs more than the tool itself.
"But deployments are cleaner!" That sentence has launched more Kubernetes clusters than any legitimate scaling requirement. Let us examine the invoice.
Jason Donenfeld built WireGuard in 4,000 lines of code. OpenVPN needs 100,000. IPsec is worse. Linus Torvalds called it a work of art. 57 per cent faster. In the Linux kernel since 2020. Readable in an afternoon.
D. Richard Hipp built SQLite in 2000 for a US Navy destroyer. 600 KB, single file, zero configuration. 156,000 lines of source, 92 million lines of tests. Powers every phone, most browsers, probably your car. Public domain. Supported until 2050.
React 18 ships 136 KB minified before you have written a single line of application code. The Virtual DOM costs 30 per cent versus vanilla JavaScript. 95 per cent of websites do not need it. The performance invoice, itemised.
Browsers have understood ES Modules since 2018. HTTP/2 solved the request overhead in 2015. For 90% of projects under 50 modules, the build pipeline is not solving complexity. It is the complexity.
In 2013, a German data scientist discovered Xerox scanners were silently changing numbers in scanned documents. No error. No warning. Just a quiet substitution.
Caddy replaces Nginx, Certbot, Cron, and renewal hooks. One binary. Zero TLS configuration. Auto HTTPS since 2015. Your reverse proxy config fits in a tweet. The replacement, not the alternative.