5 June 2026
licensing
law
devops
architecture
You wrote your first Terraform configuration in 2014
or 2017, on a licence you understood. In August
2023 HashiCorp quietly changed it. Terraform, Vault,
Consul, Nomad, Packer and Boundary went from MPL
2.0 to the Business Source License 1.1. In April
2024 IBM announced a $6.4 billion acquisition; it
closed on 27 February 2025. The .tf files in your
repository are not, today, the licence they were
when you wrote them. BSL 1.1 is not OSI Open Source;
the Additional Use Grant forbids "production use
that competes with HashiCorp's commercial
offering", ambiguous by design. Each release reverts
to MPL 2.0 four years after publication. OpenTofu
was forked fifteen days after the announcement,
accepted into the Linux Foundation on 20 September
2023 with founding sponsors Spacelift, Harness,
Gruntwork, env0 and Scalr; OpenTofu 1.6 shipped
in January 2024 as a drop-in, with state files
forward-compatible. OpenBao followed in December
2024 for Vault. Beyond BSL: Pulumi (Apache 2.0)
and Crossplane (Apache 2.0). This is the sixth
distinct lock-in genus: lock-in by retroactive
adoption, the hooks retrofitted onto a tool already
in production. You wrote infrastructure as code so
the next engineer could read it. You did not
promise the next licence-holder would let them. In
the Net Episode 06.
4 June 2026
unix
freebsd
architecture
linux
In the summer of 1969 Ken Thompson had three weeks
of uninterrupted time at Bell Labs while his
family was visiting California. He wrote the first
version of Unix on a PDP-7 with four kilobytes of
memory. With Dennis Ritchie and Rudd Canaday the
team built a hierarchical filesystem, processes,
pipes, and one architectural idea that has carried
half a century without much fading: the file as the
universal interface. A device, a pipe, a socket, a
process listing, all opened, read, written and
closed through the same system calls. ioctl is the
honest escape hatch for what does not fit. Ritchie
and Thompson's 1974 CACM paper codified what had
been on the PDP-7 since 1969; Plan 9 (Pike,
Thompson, Presotto, Winterbottom, 1992) pushed the
idea to its logical end, with even the window
system as a file system. On FreeBSD the discipline
is intact: devfs since 5.0 (2003),
GELI as /dev/<name>.eli, ZFS
volumes under /dev/zvol/, bhyve under
/dev/vmm/. Linux has, in some corners,
drifted: D-Bus (2002), systemd (2010), Netlink,
eBPF. None are wrong; the cumulative effect is that
the file is now one of several interfaces rather
than the interface. Ritchie's verdict on Plan 9
that Unix did not follow through has, read against
2026 Linux, rotated by 180 degrees. One interface,
infinite implementations. A Unix one-liner reads
almost like a sentence because every noun in it is
a file. By Design Episode 07.
3 June 2026
architecture
devops
kubernetes
cloud
At 09:30 on 1 August 2012 the New York Stock
Exchange opened the Retail Liquidity Program. By
10:15 Knight Capital had ceased to be a going
concern. Forty-five minutes had cost the firm
roughly $440 million. The culprit was one server
out of eight, running code from 2003 that should
have been gone for years. Knight's SMARS routing
system ran on eight servers; new code reached
seven; the eighth kept a 2003 module called Power
Peg, disabled after 2005 by a flag, never deleted.
In 2012 the same flag bit was repurposed for RLP
eligibility. On seven servers the bit meant RLP. On
the eighth, in code from 2003, it still meant start
Power Peg. Each eligible order woke a nine-year-old
corpse; Power Peg had no concept of "order
filled". Three drifts compounded, none foolish at
the time: dead code disabled by a flag rather than
deleted, a deploy script that treated files-copied
as success, a release note that recorded a new use
of the flag without auditing every prior one. Two
disciplines would have stopped it. Delete dead code,
do not gate it. Verify after deploy: every target
reports the new build hash. On FreeBSD, rc.d
plus a shell loop hitting /version on
each host. The same shape travels: Kubernetes
cached images, feature flags with shifted semantics,
stale AMIs, Helm manifests from older caches. A
deploy that succeeds on seven of eight is one that
failed quietly on one. Production does not give
partial credit; the market gives none at all. Tales
from the Bare Metal Episode 06.
2 June 2026
unix
freebsd
tooling
devops
A maintainer sends you a fix. Not a branch, not a
pull request, not an invitation to fetch from a
remote. A text file with plus signs and minus signs
and a few lines of context around them. You type one
command, and your tree is current. A patch is a
recipe, not a snapshot: it does not contain the new
file, it contains the change that turns the old
file into the new one, which is why a fix to a
million-line codebase can travel as twenty lines of
email. The vocabulary is small: a header, hunk
ranges (@@ -42,7 +42,9 @@), context
space-prefixed, deletions minus-prefixed, additions
plus-prefixed. The daily idiom is
diff -u to make and
patch -p1 to apply. When a hunk does
not fit cleanly, patch tries line-fuzz; if it still
cannot, it writes the rejected hunk to a
.rej file, plainly. Honest about its
limits, that. FreeBSD ships patch in base, BSD-
licensed, descended directly from Larry Wall's
original source line; GNU patch is a separate fork
from the same root, GPL; both remain interoperable.
Larry Wall posted patch 1.3 to mod.sources on 8 May
1985 from NASA's JPL, two years before Perl; Wayne
Davison posted unidiff to
comp.sources.misc in August 1990,
saving roughly a quarter of the bytes. Forty-one
years later, every code review still speaks unified
diff. A format becomes universal when it is small
enough to be a sentence. Wall's was. Technical
Beauty Episode 38.
1 June 2026
freebsd
linux
unix
tooling
You go to delete a file. The system tells you it is
busy. df disagrees with du
by twenty gigabytes. Four refusals, one shared
question: which process is holding it open? FreeBSD
splits the work. procstat(1) is the
modern per-process interview, shipped with FreeBSD
9.0 in 2012 by Robert N M Watson and built on
libprocstat(3), a stable C library
every tool can link against; fstat(1)
is the system-wide ledger, in base since
4.3BSD-Tahoe in 1988. Linux folds the same job into
lsof(8), written by Vic Abell at
Purdue in 1991, two years after he had ported BSD's
fstat to DYNIX, SunOS and ULTRIX. The universal
hammer: regular files, sockets, pipes, anonymous
inodes, character devices and the synthetic entries
in /proc. lsof +L1 names
the deleted-but-held files when df and
du disagree; on FreeBSD the shape is
fstat -p <pid> | awk '$5=="-"'.
The Unix way prefers parts that compose;
lsof prefers parts that arrive
together. Both ship with the OS. Neither asks you to
write JSON. Learn the flags before the page goes
off. The Unix Way Episode 19.
31 May 2026
architecture
freebsd
kubernetes
devops
The pager has gone off. Memory on the auth service is
climbing. You SSH in, see nothing in particular, run
kubectl delete pod. Memory is fresh.
Nobody asks what was wrong. The reflex has two
parents and we kept one: a consumer-electronics
tradition with no language to be asked, and a 1986
architecture from Ericsson's Stockholm lab. Joe
Armstrong, Robert Virding and Mike Williams began
Erlang for telephone exchanges that could not go
down; the AXD301 switch is most often cited at nine
nines (the figure is contested, the architecture is
not). Let it crash, properly read, is not the Sky+
box; it is the IT Crowd if Roy were a written
contract. Processes are isolated, every worker has a
supervisor, every supervisor has a written strategy
(one-for-one, one-for-all, rest-for-one) with an
escalation limit. A failure is data. What we kept
was the crash; what we left in Stockholm was the
supervisor. Kubernetes liveness probes are, honestly
read, a contract that the orchestrator rotates the
symptoms while the cause goes unexamined.
Self-healing is accurate in the sense that someone
taking paracetamol every four hours has a
self-healing headache. WhatsApp serves over a
billion users on around fifty engineers, on Erlang,
on the Stockholm supervisor architecture. FreeBSD
has init, rc.d,
dtrace, ktrace,
procstat, core dumps; the reboot is
available, rarely the first reach, because the
system speaks. A restart is not a tool, it is a
measurement of how much of the cause you decided you
could afford to leave unknown. On Second Thought
Episode 10.
30 May 2026
architecture
security
cloud
law
Your phone changed assistants. You did not. Sometime
between Android 14 and 16, Google Assistant retired
and Gemini moved into the OS-level assistant slot,
the same long-press, the same "Hey Google". Pixel 10
shipped with Gemini already in the slot; eligible
Android devices (Android 10 or later, 2 GB RAM and
up) switched over by system update during 2025;
standalone Google Assistant retires around 31 March
2026, after which the only choices are Gemini or
None. On Pixel-class hardware Gemini Nano runs
on-device for a slice and powers Magic Compose, Call
Notes, Recorder Summaries and Scam Detection; heavier
work goes to Google's cloud, and the boundary is set
by Google with no UI indicator. iOS 27, due autumn
2026, takes the opposite path: Gemini as a sandboxed
extension at the application layer, opt-in, isolated
from the slot. A sandbox can be revoked and audited;
a model in the slot inherits the slot. The
architecture follows the business: Apple FY2025 is
about 74 per cent hardware, Alphabet 2025 about three
quarters advertising. The OS used to ask before
changing your browser. It did not ask before changing
the model behind your microphone. Not in the Brief
Episode 05.
29 May 2026
licensing
saas
architecture
law
You did not change how you use Java. In January 2023
Oracle changed how it counts you. The unit is no
longer how many people run Java; it is how many people
you employ. On 23 January 2023 Oracle replaced its
per-user and per-processor metrics with the Java SE
Universal Subscription, priced per employee, where
"employee" means every member of staff plus
contractors and agents, whether or not they have ever
touched Java. One server running Oracle's Java makes
the entire headcount billable. A firm of 12,000 staff
pays over €2 million a year whether twelve or
twelve hundred use Java. Oracle reads download history,
so a single legacy install becomes a retroactive claim
against the whole workforce. The escape is one of the
cleanest in the series, because the format was never
proprietary: switch to a free OpenJDK build (Temurin,
Corretto, Zulu, Liberica), all TCK-tested and built
from the same source as Oracle's binary from Java 11
on. Write once, run anywhere. Licence once, pay for
everyone. In the Net Episode 05.
28 May 2026
security
freebsd
architecture
web
On a shared hosting server you share one machine with
hundreds of strangers. This week it emerged that any
one of them could become root, and on a shared server
root over one account is root over all of them.
CVE-2026-48172, a flaw in the LiteSpeed cPanel plugin,
exposed lsws.redisAble through the normal
cPanel API to any logged-in customer; it forgot to ask
who was calling and ran as root (CWE-266). On 19 May
cPanel pulled the plugin, citing "unauthorized root
access"; LiteSpeed fixed it on 21 May; on 26 May CISA
listed it as actively exploited, a zero-day before the
patch existed (CVSS v4.0: 10.0). Versions 2.3 to 2.4.4
are affected; upgrade to 2.4.7 or remove the plugin.
Shared hosting sells a boundary it does not enforce:
hundreds of tenants share one kernel, one root, and the
wall is plugin code and good manners. On FreeBSD the
tenant boundary has a name, the jail, enforced in the
kernel. You never chose the strangers on your server.
This week, one of them could choose to be you. Wire
Fire Episode 03.
27 May 2026
architecture
cloud
devops
freebsd
In the early hours of 10 March 2021, a fire began in a
power room in Strasbourg. By morning an entire
OVHcloud data centre was gone. The data loss was not
the surprise; the surprise, for thousands of
customers, was that they had backups, and the backups
had burned with the building. SBG2 was destroyed
entirely, SBG1 badly damaged; ~3.6 million websites
went dark. SBG2 used a free-cooling tower design that,
once alight, behaved like a chimney; the floors were
wooden, rated for about an hour; none of the five
buildings had an automatic extinguishing system. The
lesson is not cooling towers but failure domains: a
backup can be complete, valid and restorable and still
worthless if it shares a failure domain with the
original. The rule is older than the cloud: 3-2-1,
three copies, two media, one off-site. On FreeBSD,
zfs send a snapshot to a pool in another
region; with restic or borg, replicate somewhere the
same fire cannot reach. Redundancy that shares a
postcode is decoration. The fire does not read your
architecture diagram. It reads the floor plan. Tales
from the Bare Metal Episode 05.
26 May 2026
unix
freebsd
tooling
linux
A disk is filling up. Somewhere under /var are thousands
of stale log files. One line finds them all and clears
them: find /var/log -name '*.log' -mtime +30
-delete. No loop, no script. The tool that reads
that line like a sentence has been doing so since 1979.
Most Unix tools take flags; find takes an expression.
You compose primaries (-name,
-type, -mtime,
-size) and operators (implicit AND,
-o, !, grouping) into a small
query language, and the tool walks the tree satisfying
it. That is the reduction: not a flag for every case,
but a grammar that builds every case from a few parts.
FreeBSD ships BSD find in base, BSD-licensed and
POSIX-clean; GNU findutils (GPL) accreted more. Dick
Haight wrote find for Version 7 Unix in 1979 in the
Unix Support Group; the researchers were put off by the
syntax and kept it because it was useful. The modern
descendant fd (David Peter, Rust, 2017) reproduces the
same idea. find is the rare Unix tool that is a little
language pretending to be a command. Technical Beauty
Episode 37.
25 May 2026
freebsd
linux
security
unix
A laptop is left on a train. With full-disk encryption,
the finder has an expensive paperweight and a drive
full of noise. Without it, they have your keys, your
mail and your customers. FreeBSD and Linux both solve
this well; they solve it rather differently. GELI is a
GEOM class: in FreeBSD the block layer is one
framework, and encryption is just another composable
transform alongside mirroring, striping and labelling,
with per-sector HMAC integrity behind one flag. LUKS
writes a LUKS2 header and opens the device through
device-mapper as dm-crypt; its argon2id key derivation
is memory-hard and genuinely ahead of GELI's PBKDF2.
For integrity on Linux you add a second layer,
dm-integrity, beneath dm-crypt. Both default to
AES-256-XTS and both turn a stolen drive into noise.
One framework of uniform parts, or several specialised
parts composed. The Unix way prefers the version you
can hold in one hand. The Unix Way Episode 18.
24 May 2026
architecture
freebsd
unix
tooling
A new test file. Before a single assertion, you build a
world: a fake database, a fake clock, a fake mailer.
Forty lines of fakes, two lines of test. A test with
no mocks at all would look almost negligent. The unit
test was born pure: Kent Beck's SUnit (1994) tested
parsers, algorithms, pure functions, with nothing to
fake. We carried the practice into application code,
which is nothing but world, and faked the world to
keep calling the tests "unit" tests; dependency
injection arrived to make the faking tidy. The larger
half of the question nobody asked: why was the logic
tangled with the world in the first place? The most
testable software ever written has no mocks at all. A
Unix filter (grep, awk, sort) is pure: text in, text
out. Gary Bernhardt called the shape functional core,
imperative shell (2012); Alistair Cockburn called it
ports and adapters (2005). A mock is not a tool. It is
a reading on a gauge. On Second Thought Episode 09.
23 May 2026
law
web
architecture
freebsd
You are reading this on LinkedIn. Somewhere in your
settings sits a switch labelled "Data for Generative
AI Improvement". For most of us it is on. None of us
turned it on. It lets LinkedIn use your profile and
public posts to train generative AI models, its own
and those of its affiliate Microsoft; private messages
are excluded. It arrived already enabled on 18
September 2024, opt-out only, before the terms were
updated to mention it. Europe was spared after the UK
ICO raised concerns, then switched on as well on 3
November 2025. The legal basis claimed is "legitimate
interest"; the opt-out is forward-only, so anything you
made public before the regional cut-off is already in
the set. This is not a breach and not surveillance:
the content is what you chose to publish. The
judgement is about architecture: default-on with a
quiet notice treats your silence as a yes. Settings
& Privacy → Data Privacy → Data for
Generative AI Improvement: thirty seconds to check.
Not in the Brief Episode 04.
22 May 2026
licensing
architecture
saas
freebsd
You bought VMware once, outright, the way you buy a
tool. In November 2023 a $69 billion acquisition
closed, and the thing you owned quietly became a thing
you rent. Broadcom ended perpetual licences
(subscription only, or support and security updates
stop), withdrew the free ESXi hypervisor then quietly
reinstated it as a non-production build that cannot
reach vCenter, and moved licensing from per-CPU to
per-core sold in bundles (VVF, VCF) that bill for NSX
and vSAN whether or not you run them. VMware held
roughly 70 per cent of the virtualisation market in
2024; Gartner expects 40 per cent by 2029. Ingram
Micro stopped carrying VMware in early 2025; a 72-core
minimum appeared then vanished ("never announced a
price change"); AT&T had to sue to keep support.
The escape route is a stack, not a product: bhyve,
jails and ZFS in the FreeBSD base, Sylve as the
Proxmox-style UI, Proxmox VE as the mainstream target,
migration over OVF and qcow2. The hypervisor, it turns
out, was never the expensive part. In the Net Episode
04.
21 May 2026
security
tooling
devops
freebsd
On 18 May 2026 an attacker published a poisoned version
of a popular Visual Studio Code extension. It was live
for eleven minutes. That was long enough to reach a
GitHub employee's laptop and exfiltrate around 3,800
of GitHub's own internal source-code repositories,
confirmed 20 May. The extension was a trojanised build
of Nx Console (nrwl.angular-console)
version 18.95.0. The attacker, TeamPCP (Google Threat
Intelligence: UNC6780), is asking over 50,000 dollars
for the stolen repositories. A VS Code extension runs
with the full privileges of the developer who
installed it, with no sandbox; the moment a workspace
opens, its activation code runs and can read any file,
run any command, reach any credential. The editor is
now part of the supply chain. The marketplace is a
registry now, and it is not being watched like one. On
FreeBSD the structural fix has a name: Capsicum. Wire
Fire Episode 02.
20 May 2026
architecture
freebsd
tooling
devops
23 September 1999. The Mars Climate Orbiter fires its
main engine to enter orbit, passes behind Mars, and is
never heard from again. The spacecraft cost 193 million
dollars. It was lost to a number with no unit on it.
Lockheed Martin's ground software computed thruster
impulse in pound-force seconds (imperial); NASA JPL's
trajectory software expected newton-seconds (metric).
One pound-force second is 4.45 newton-seconds. Every
correction over nine months was off by that factor;
the craft arrived at 57 km instead of 226 km, deep in
the atmosphere. The number was correct; it simply had
no unit attached as it crossed between systems. Three
conditions let it survive: the spec was a document not
a check, the warning was below the escalation
threshold, no end-to-end test crossed the boundary. In
science and engineering, measure in metric; where
systems must meet, make the unit travel with the
number (Rust newtypes, F# units of measure). The same
trap hides in GB versus GiB. Tales from the Bare Metal
Episode 04.
19 May 2026
unix
freebsd
tooling
linux
A development server holds a mystery. Someone deployed
something, the logs hold the truth. One types
grep -i timeout /var/log/messages and
three lines admit what happened. The command was
unremarkable. The thing that made it possible has
been answering that question since November 1973.
Doug McIlroy asked Ken Thompson for a tool: Lee
McMahon wanted to analyse the Federalist Papers by
pattern. Thompson disappeared into his office for
about an hour and emerged with grep, named after the
ed editor command g/re/p (global,
regex, print). The interior, carried for years by
Mike Haertel at GNU, uses Boyer-Moore for fixed
strings, Crochemore-Perrin two-way matching for
harder patterns, Thompson's 1968 NFA construction
for full regex, and mmap on the input.
FreeBSD ships bsdgrep in base since around 2010. The
shape (pattern plus files plus matching lines on
stdout) has stayed identical for fifty-three years.
ack, ag and ripgrep each rewrote the implementation;
none changed the interface. Technical Beauty Episode
36.
18 May 2026
freebsd
linux
unix
licensing
A production server is slow. The senior engineer wants
to know which syscall is blocking, on which thread,
for how long, without restarting the service. On
FreeBSD one types a dtrace one-liner and
the kernel answers. Linux took the rather scenic
route. Bryan Cantrill, Mike Shapiro and Adam Leventhal
designed DTrace at Sun in 2003; Solaris 10 GA in
January 2005; John Birrell ported it to FreeBSD on 6
January 2009. Linux could not adopt DTrace upstream
because the CDDL accepts coexistence and the GPL does
not. The Linux rebuild started from a 1992 substrate:
BPF by McCanne and Jacobson. Alexei Starovoitov and
Daniel Borkmann generalised it into eBPF, merged in
Linux 3.18 on 7 December 2014; BCC arrived in 2015;
Brendan Gregg announced bpftrace as "DTrace 2.0 for
Linux" in October 2018. The shape was always the same.
The journey was a great deal longer. The Unix Way
Episode 17.
17 May 2026
architecture
docker
freebsd
kubernetes
A new service. README, then Dockerfile. Within the
hour, the team is debating the registry, orchestrator,
sidecar and Helm chart. Nobody quite remembers when
this became the second decision. Three currents
converged. Isolation: Poul-Henning Kamp wrote Jails
for FreeBSD in 1999 as a single coherent abstraction
with no daemon; Linux reproduced it less coherently
as eight separate namespaces from 2006 to 2008; Docker
(2013) wrapped the arrangement in a brand. Org-shape:
Scrum (1995–2001) split organisations into
sprint-shaped teams; Conway 1968 explained that
sprint-shaped teams produce service-shaped architecture.
Runtime: Node.js 2009 was single-threaded by design.
The bill: node:22 over a gigabyte;
dockerd above 5 GB at 183 containers; a
network call costs one thousand times a function call.
Amazon Prime Video returned video monitoring to a
monolith at ~90% cost reduction; Segment consolidated
140 services into one; Istio merged its own control
plane back into a single binary. The alternatives have
been quietly working: FreeBSD Jails, Capsicum, OpenBSD
pledge and unveil, Go and Rust finding their own
cores. On Second Thought Episode 08.
16 May 2026
security
architecture
freebsd
tooling
Open Windows 11 on a Copilot+ PC. Navigate to Settings,
Privacy & security, Recall & snapshots. The
switch is there. The feature is opt-in today. It was
not opt-in when it was first shipped in May 2024, and
the first version stored its snapshot database mostly
in cleartext. Microsoft Recall captures snapshots at
regular intervals, indexes them with a local AI model,
and offers natural-language search over the user's
past activity. Announced at Build May 2024, withdrawn
June 2024 after Alexander Hagenah's TotalRecall
extracted the database trivially, re-released April
2025 on a VBS Enclave with AES-256-GCM, TPM-bound keys
and Windows Hello. In March 2026 Hagenah's TotalRecall
Reloaded showed user-level code injecting into
AIXHost.exe reads decrypted snapshots
after Windows Hello unlock. Microsoft VP David Weston:
"consistent with intended protections", "does not
represent a bypass". The vault door is titanium. The
wall next to it is drywall. The opt-in default is the
result of public pressure, not original design. Not
in the Brief Episode 03.
15 May 2026
cloud
architecture
law
saas
In March 2024 AWS waived data-egress fees for customers
wishing to leave. Two years on, leaving is harder than
ever, and egress is no longer the reason. The lock-in
lives in three layers, only one of which gets
discussed. The egress layer (Free Data Transfer Out
For Leaving, gated on good standing, more than 100 GB,
all data, 90 days, account-level review) arrived
rather neatly before EU Data Act Article 25 prohibits
all switching charges from 12 January 2027. The
runtime layer (Aurora's six-way replicated storage
fabric, Babelfish, Limitless Database, DynamoDB
without an on-prem equivalent, Lambda wired to
EventBridge, SQS, SNS, CloudWatch) compounds with
every AWS-specific decision. The identity layer (IAM
policy language, ARNs, KMS keys that never leave AWS
in plaintext, Identity Center permission sets) is
five years of security history in JSON. AWS holds
~30% of the global cloud market, the Big Three ~65%.
37signals dropped from ~$3.2M/y to under $1M on-prem,
hardware recouped in year one. Twenty-one per cent of
workloads have already been repatriated. You can take
your data with you. The architecture stays behind.
In the Net Episode 03.
14 May 2026
security
node
freebsd
architecture
Six weeks, four waves, one open-source worm. 31 March
2026: state-sponsored operators (Microsoft Sapphire
Sleet, Mandiant UNC1069) backdoor axios
1.14.1 and 0.30.4 for three hours, tagged
latest; roughly 100M weekly downloads.
29 April: Mini Shai-Hulud hits four SAP-related npm
packages. 11 May 19:20 to 19:26 UTC: 84 versions
across 42 TanStack packages in six minutes, scaling
to 172 packages and 403 versions on npm and PyPI in
48 hours; ~518M cumulative downloads;
@uipath,
@mistralai/mistralai, OpenSearch and
Guardrails AI also affected. 12 May: vx-underground
reports the fully weaponised Shai-Hulud source is
now public. 454,648 malicious npm packages in 2025
alone; over 99 per cent of all open-source malware
now targets npm. The architectural answer is older
than the problem: FreeBSD VuXML, jails, Capsicum,
Ports with named maintainers and human review. Wire
Fire Episode 01.
13 May 2026
security
performance
architecture
freebsd
13:42 UTC, Tuesday 2 July 2019. A Cloudflare engineer
deploys one new managed WAF rule. Within seconds every
Cloudflare server in the world is at 100% CPU and HTTP
traffic stops moving. The rule was a regex of
forty-five characters; the catastrophic sub-expression
(?:.*=.*), two greedy quantifiers in
sequence, classic catastrophic backtracking on PCRE.
Quicksilver propagated the change worldwide in
seconds; the dashboard that would have disabled it ran
on the same edge network, unreachable. Twenty-seven
minutes from push to traffic-restored on a service
that fronts a sizeable share of the public internet.
Three systemic conditions: an author solving for
coverage, an engine with no runtime budget, a
deployment path with no staged rollout. The unixoid
answer: linear-time engines (RE2, Rust regex), FreeBSD
rctl(8) for the budget the engine cannot
enforce, global propagation as the kill switch and not
the default. Tales from the Bare Metal Episode 03.
12 May 2026
freebsd
linux
tooling
unix
You have typed tcpdump -ni em0 'tcp port 443'
at three in the morning and watched the lines scroll
past in a small green miracle. The command was
unremarkable. The thing that made it possible has been
quietly doing the work for thirty-seven years. Van
Jacobson, Craig Leres and Steven McCanne wrote
tcpdump at Lawrence Berkeley Laboratory in
1988; McCanne and Jacobson published "The BSD Packet
Filter" in December 1992, winning Best Student Paper
at USENIX Winter 1993 and quietly rearranging how
every serious network tool would be built for the next
three decades. Wireshark, Zeek, snort,
suricata, nmap,
ngrep and tshark all sit on
libpcap, which sits on BPF, which still
sits in the kernel of every BSD and Linux machine in
production. eBPF (Alexei Starovoitov, Linux 3.18,
December 2014) is BPF with new opcodes and a verifier;
the lineage runs back to the same paper. Technical
Beauty Episode 35.
11 May 2026
freebsd
linux
unix
performance
On a busy Linux load balancer one types
netstat -anp and makes a cup of tea. On
FreeBSD the same workload returns before the kettle
finishes. Both speak Unix text and pipe into
grep; only one was built the way Unix
tools are built. FreeBSD's netstat has
been in base since 4.2BSD shipped TCP/IP in August
1983; it asks the kernel through
sysctl net.inet.tcp.pcblist and formats
the answer at its mouth. Linux net-tools
netstat reads /proc/net/tcp,
a kernel-rendered ASCII dump that is readable but not
askable; no new release since 2011, deprecation
attempted 2009. Alexey Kuznetsov restored the Unix
pattern with ss by adding netlink
NETLINK_INET_DIAG in Linux 2.6.14
(October 2005), generalised to
NETLINK_SOCK_DIAG in 3.3 (March 2012). The
shape ss restored is the shape
sysctl has been running on FreeBSD since
1983. The Unix Way Episode 16.
10 May 2026
web
performance
javascript
architecture
Brendan Eich wrote JavaScript in ten days in 1995, for
form validation. AJAX in 2005 had a real argument;
Gmail and Maps earned it. The brochure inherited it
without re-examination. The 2025 median page ships
697 KB of JavaScript before a single character of
content arrives, per the HTTP Archive Web Almanac. The
bill arrives in three layers: client power, a
duplicated server runtime in Node.js, and an npm
dependency cloud supervised by a second cloud of
Dependabot, Snyk and Renovate. Wikipedia on PHP, GOV.UK
with mandated progressive enhancement, Hacker News in
Arc, HEY on Hotwire, HTMX at 14 KB, Netflix removing
client React for +50% Time to Interactive, and
Cloudflare Pingora replacing nginx-and-Lua at 70% less
CPU at one trillion requests per day prove the
alternative is in production. The fastest bundle is
the one that is never shipped. On Second Thought
Episode 07.
09 May 2026
security
web
architecture
tooling
Open Microsoft Edge. The browser silently decrypts every
saved password into the msedge.exe process,
eagerly, at launch, and keeps the entire vault in cleartext
in RAM until the browser is closed. Disclosed by Tom Jøran
Sønstebyseter Rønning at Palo Alto Networks
Norway's BIG Bite of Tech, 29 April 2026. Microsoft, in its
own words, calls the architecture "by design". Chrome since
2024 decrypts lazily and binds keys to the SYSTEM-level
process via Application-Bound Encryption; Brave, Opera and
Vivaldi inherit the lazy behaviour. Edge alone does neither.
Five minutes with Process Explorer to see it; one Group
Policy value to disable it. Not in the Brief Episode 02.
08 May 2026
licensing
law
saas
architecture
LinkedIn 2002. 1.1 billion users in 2026. The reach
algorithm penalises external links (~18.8 per cent
reduction in van der Blom's 2026 study of 1.3M posts),
penalises thematic breadth via a topic fingerprint, and
is computed by 360Brew, a 150-billion-parameter
foundation model trained on the Economic Graph. The
native CSV export gives first-degree names without the
graph that makes them a network. Microsoft is a DMA
gatekeeper; LinkedIn is not, by regulatory choice. The
exit door opens onto a car park.
07 May 2026
lua
freebsd
tooling
architecture
1993, PUC-Rio Tecgraf: Ierusalimschy, de Figueiredo and
Celes merged DEL and Sol into Lua to give Petrobras a
portable configuration language. Lua was not born as a
scripting language; it was born as a config language.
The table is array, hash, record, object and namespace
at once. FreeBSD's boot loader has read
/boot/lua/loader.lua since 2018, Neovim's
init.lua since 2021, OpenResty runs
Cloudflare's edge, World of Warcraft's UI is Lua, and
the Norway problem cannot occur because Lua has no
opinion about your country codes. The honest format
is the one that admits what it is.
06 May 2026
cloud
architecture
devops
freebsd
09:37 PST, 28 February 2017. An authorised S3 engineer
presses Enter on a routine capacity-removal command
with one mistyped argument. By 13:54, half the
public-facing web has been quiet for four hours, and
the AWS Service Health Dashboard has spent two of them
showing every service in healthy green because its
console depended on S3. Three systemic conditions: a
tool with no floor of safety, a recovery path aged
unrehearsed, and a status surface that shared fate
with the system it described. The command did exactly
what was asked. The architecture decided what
exactly meant.
05 May 2026
freebsd
security
unix
tooling
Open the sudo CHANGELOG and search for the word
"security". Make a cup of tea first. In July 2015 Ted
Unangst grew tired of negotiating with sudo on OpenBSD
and wrote his own: roughly 1,100 lines of C plus a
small yacc grammar, default in OpenBSD 5.8 by October
2015. The configuration fits on a postcard. No PAM, no
LDAP, no plugin loader, no /etc/doas.d/.
Sudo's CHANGELOG carries Baron Samedit, Pwfeedback,
sudoedit and the 2025 host-option and chroot
vulnerabilities. The upstream OpenBSD doas, in the
same period, has carried no comparable critical CVE.
A tool that does less has less to break.
04 May 2026
freebsd
linux
unix
devops
Ask a Linux admin which time daemon their server runs.
Pause for the silence. NTP since 1985 by David L. Mills.
On FreeBSD: ntpd in base since 2000, one
line in /etc/rc.conf, the same answer for
twenty-five years. On Linux: ntpd the
legacy original, chrony the modern Red
Hat-maintained replacement, and
systemd-timesyncd the SNTP-only minimalist,
each with its own config path and diagnostic. The cost
of three answers is paid every time an admin inherits a
server.
03 May 2026
architecture
tooling
performance
The ORM hides the SQL. The cache hides the ORM. The
service mesh hides the services. The operator hides the
YAML, which hides the kubelet, which hides the
container, which hides the process. Dijkstra (1968) and
Parnas (1972) introduced layers as a discipline to
contain complexity; somewhere between Parnas and the
cloud generation, containing became postponing. Lehman
named the cost; Karlton named the diagnostic. SQLite,
awk and pf are the proof that reduction is achievable.
The plaster is cheap. The wound is not.
02 May 2026
web
security
javascript
architecture
Open chrome://on-device-internals and, if
your machine qualifies, you will see a multi-gigabyte
Gemini Nano language model that Chrome has quietly
downloaded. Any website can call it through an API in
JavaScript. There is no permission prompt. The browser
used to ask about the camera. It does not ask about the
model. Seven APIs, three tabs to reveal it, one
Enterprise registry value to disable it, and the same
pattern in Edge, Brave, Firefox, Arc and Safari. Not in
the Brief opens with the documented mechanics, plainly
told.
01 May 2026
licensing
law
saas
architecture
In 2012 a studio bought Adobe CS6 Master Collection once
for around 2,500 EUR per seat. In 2026 it leases
Creative Cloud All Apps for around 743 EUR per seat per
year. The promise was real for thirty years. The
architecture under the subscription is a separate story:
proprietary PSD/AI/INDD as anchors, Cloud Libraries that
decay on cancellation, an Early Termination Fee the US
DOJ took to court in June 2024, eighty per cent market
share that makes the lock-in industry-wide, and a
February 2024 Terms-of-Service update Adobe later had
to walk back. In the Net opens.
30 Apr 2026
postgresql
devops
architecture
unix
Half past eleven on a Tuesday in 2017, two visually
identical terminals, one rm -rf, three
hundred gigabytes of GitLab production data gone in two
seconds. The hard part came later: discovering, one by
one, that none of their five backup mechanisms had been
working. pg_dump silently broken since an upgrade, alert
emails rejected by DMARC, LVM snapshots scoped for
staging, Azure snapshots never enabled, WAL archiving
never configured. The principle is older than every
database: backups are not backups until they have been
restored. Tales from the Bare Metal opens.
29 Apr 2026
css
web
javascript
tooling
A card in a 280-pixel sidebar and the same card in a
1100-pixel dashboard. The team wrote a ResizeObserver,
doubled the CSS, and accepted the occasional flash of
unstyled content. Container queries collapsed the whole
apparatus into two declarations. Cross-browser stable
since Firefox 110 on 14 February 2023; global usage 94
per cent in March 2026. The fourth in a quiet series of
native answers (page transitions, deep clone, scope,
width). The cascade was capable all along.
29 Apr 2026
law
licensing
saas
tooling
Amazon since World Book Day, the publisher's direct shop
six days later. The gap was not laziness. It was the
Amazon arithmetic (60% above the threshold, 40–50%
net), the German Buchpreisbindungsgesetz (one fixed price
for everyone, the publisher included), the One-Stop-Shop
quarterly tax window (filed in April, effective 1 July),
and a payment processor whose merchant geography is
better understood as plumbing. Hardcover 90 EUR,
paperback 80 EUR, hand-signed direct. PDF and ePub 40 EUR
each, direct-only. The numbers told plainly.
28 Apr 2026
freebsd
security
unix
tooling
In May 2001 OpenBSD pulled IPFilter out of the source tree
over a licence dispute. Daniel Hartmeier, who had never
written kernel code, replaced it in twenty-five days. By
December it shipped in OpenBSD 3.0. Twenty-five years on,
pf is the firewall in OpenBSD, FreeBSD, NetBSD, DragonFly
and macOS, runs on roughly a billion Apple devices, and
Linux's nftables (2014) is rather quietly an admission
that pf had the right shape all along.
27 Apr 2026
freebsd
linux
zfs
unix
Between firmware that knows almost nothing and a kernel
that must know everything sits a small program with a
rather strange job. FreeBSD's loader: ~600 KB Forth,
ZFS-aware Boot Environment menu. LILO (1992-2015):
block lists, run /sbin/lilo or the machine declines to
boot. GRUB 2: an operating system before the operating
system. Three theories of the OS.
26 Apr 2026
architecture
tooling
The dashboard is green. Production has been quietly fragile
for eleven weeks. Taylor 1911, Goodhart 1975, Strathern
1997, Jeffries 2019: we were warned by name, twice in
one century. The engineer who prevents three outages
closes zero tickets and is invisible. The one who closes
forty-seven is promoted. The chair, somewhere, is not
being built.
25 Apr 2026
security
node
freebsd
tooling
A blank Express server resolves 65 packages. A blank Next.js
app resolves 644. Six hundred and forty-four pieces of
someone else's work to render eighteen characters of text.
Then there is XZ: two and a half years of patient social
engineering, caught by one engineer noticing 500 milliseconds
of SSH latency he did not expect. Next time it might be 50.
24 Apr 2026
kubernetes
architecture
performance
mTLS, observability, zero-code retries. Splendid. CNCF 2024
Survey: mesh adoption 42%, down from 50%. 2025 peer-reviewed
benchmark: Istio sidecar +166% mTLS latency, Linkerd +33%,
Istio Ambient +8%. 60 MB RAM per pod, 60 GB across a 1,000-pod
cluster before code runs. Ambient mode is Istio's own
admission that sidecars were a problem.
23 Apr 2026
architecture
tooling
Today, on UNESCO's World Book Day, my first book goes on sale.
371 pages on FreeBSD, from philosophy to practice. Five months
of writing, three weeks of final proofs, then 72 hours of
problems one does not anticipate: one unclosed counter on the
number 8, a cover PDF with invisible adjustment layers, a KDP
form that calls the input "list price" and quietly means net,
a Kindle still in Amazon's review queue.
22 Apr 2026
css
web
html
.card h3 { font-weight: 600 } and the third-party widget has its
own .card with an h3. You reach for BEM, CSS Modules, 80 KB of
styled-components. @scope is the native answer: zero specificity,
a new cascade tier called scoping proximity, and cross-browser
stable since December 2025. The cascade, after twenty-five years,
is finally finished.
21 Apr 2026
tooling
html
web
On 15 March 2004, John Gruber posted a blog entry and a
1,400-line Perl script. Aaron Swartz was the sole beta-tester.
No lexer, no parser, no AST. Twenty-one years later, GitHub,
GitLab, Reddit, Discord, Notion, and every major LLM speak
Markdown. Third year running as the most admired documentation
format. Plain text won. One rather thought it might.
20 Apr 2026
freebsd
zfs
unix
devops
At 3 AM on a production cluster measured in terabytes, the question
is whether any of your backup tools will finish before breakfast.
ZFS snapshot, send, clone: atomic in milliseconds, 40 TB delta in
seconds, copy-on-write branches at zero cost until divergence.
Backup, replication, and branching are not three tools. They are
three uses of the same primitive.
19 Apr 2026
security
web
law
In January 1996, two men in New York founded DoubleClick. Nobody
voted on this. Today: 7 third-party trackers per page, 600 billion
real-time bid requests per day, 90% accept when "Reject all" is
hidden. Apple ATT, 2021: one OS-level prompt cost Meta $10 billion
in a single year. The technology was always there. Default-on
tracking was a choice.
18 Apr 2026
performance
architecture
cloud
Knuth's quote was 97%/3%. Only the 97% survived. Discord rewrote
Go in Rust: memory down 40%, latency 160x. Twitter decommissioned
148,000 servers and continued to function. WhatsApp 2015: fifty
engineers for 900 million users. Data centres: 415 TWh in 2024,
945 TWh projected by 2030. The bill was always there.
17 Apr 2026
security
architecture
saas
Okta paid $6.5 billion for a company doing $200 million in revenue.
The arithmetic suggests the customer would eventually pay for the
difference. Two breaches, a 300% per-MAU price hike, and by March 2025
every Okta customer's name and email had been exfiltrated. The
password hash was always there. One simply decided it wasn't fancy enough.
16 Apr 2026
architecture
performance
In 2009, Salvatore Sanfilippo built a database around an event loop that
processes commands sequentially. No locking. No mutexes. No context
switches. A contested mutex costs 10,000 CPU cycles. Redis chose to make
contention structurally impossible instead. Seventeen years later, one
thread, 1.5 million operations per second.
15 Apr 2026
javascript
web
JSON.parse(JSON.stringify()) destroys Date, Map, Set, RegExp,
and throws on circular references. structuredClone handles
all of them. Zero KB. Built in since 2022. Lodash cloneDeep:
17 KB, 22M downloads/week, unchanged for a decade. One does
note the difference.
14 Apr 2026
ssh
security
unix
2,624 lines of C. One file. One socket. No config. No YAML.
The private key never leaves the process. Born from impatience
in 1995, designed with discipline, still the authentication
backbone of every CI/CD system on earth. These are not
features. These are manners.
13 Apr 2026
unix
freebsd
linux
devops
cron tells you when. periodic tells you what happened.
FreeBSD: one config file, severity-coded output, daily email.
OpenBSD: pledge/unveil violation reports every morning.
Linux: twenty files for ten tasks. The problem was never
scheduling. It was accountability.
12 Apr 2026
cloud
architecture
devops
27% of cloud spend wasted. $182 billion per year. 37signals
saved $10M+ leaving AWS. Ahrefs: 11.3x cheaper on-prem.
86% of CIOs plan repatriation. The cloud was the only
answer nobody got fired for choosing. What if the default
is wrong?
11 Apr 2026
architecture
web
Notion: notes to email client. Jira: bug tracker to 3,000
plugins. Google: 299 products killed. Sonos: CEO resigned.
Skype: 405M users to shutdown. VLC: media player since 2001,
never tried to send your email. The best software never
added the wrong features.
10 Apr 2026
architecture
cloud
$700 exam. Expires in 3 years. Repeat. Non-certified skills
earn 2% more since 2007. CompTIA: $168M/year, now PE-owned.
Kent Beck called it a pyramid scheme. When private equity
acquires the exam, the product is you.
09 Apr 2026
architecture
performance
security
In 2006, Graydon Hoare walked up twenty-one flights of stairs
because his elevator had crashed. Memory bug. C code. He started
writing Rust that evening. No null. No exceptions. No GC. No
inheritance. Every "no" eliminates a category of bugs. The
elevator stops crashing.
08 Apr 2026
css
html
web
We shipped 400KB of JavaScript so a heading could fade. The
browser does it now. Three lines of CSS. Zero JavaScript.
Barba.js: 7.5KB. Framer Motion: 32KB. View Transition API:
0KB. Because it is the browser. 87.82% global coverage.
Progressive enhancement, done properly.
07 Apr 2026
unix
freebsd
performance
In 2001, Bryan Cantrill had built an entirely synthetic
system and could not ask it what it was doing. DTrace was
the answer. Zero overhead. Safe by construction. Concise
answers to arbitrary questions. Twenty-three years later,
the system still answers.
06 Apr 2026
unix
freebsd
linux
architecture
In 1978, Doug McIlroy wrote four sentences. They have outlasted
every framework since. grep searches. sort sorts. awk transforms.
Compose them through pipes. FreeBSD, macOS, OpenBSD: the systems
that follow the philosophy outlast the systems that ignore it.
05 Apr 2026
architecture
web
In the 1990s, CS taught foundations. In 2026, it teaches React.
Alan Kay warned us in 2004. MIT launched The Missing Semester
because its students could not use grep. 250,000 Kubernetes
certifications. One does wonder how many could explain what a
process is.
05 Apr 2026
javascript
performance
security
architecture
METR: developers 19% slower with AI (believed 20% faster).
19.6% of recommended packages do not exist. 40% of Copilot
output contains vulnerabilities. Refactoring collapsed. Trust
dropped. The answer is not more AI. It is less complexity.
Write lean. The AI will follow.
04 Apr 2026
javascript
architecture
web
Your software worked on Friday. npm update broke it on Monday.
Angular: 18 major versions in 10 years. 75% of dev time on
maintenance. SQLite has been backwards-compatible since 2004.
The treadmill is not inevitable. It is profitable.
03 Apr 2026
javascript
node
performance
architecture
Built in ten days for form validation. Express: 20K RPS. Rust:
60K. Idle memory: 30-50 MB vs 1-2 MB. One thread. 500K
malicious npm packages. The creator called node_modules an
irreparable mistake and built Deno. The full-stack tax,
itemised.
02 Apr 2026
architecture
unix
In 1972, IBM separated values with commas. No specification.
No committee. Thirty-three years later, someone wrote the RFC.
60% of enterprises still use CSV. The format that requires no
agreement outlasts the format that requires consensus.
01 Apr 2026
css
html
javascript
web
Floating UI: 35 KB. Popper.js: 28 KB. Tippy.js: 22 KB. The
native equivalent: zero kilobytes and a few lines of CSS.
The Popover API ships in every browser. CSS Anchor Positioning
is landing. One rather suspects the library authors saw this
coming.
31 Mar 2026
security
web
Before 2015, HTTPS was a luxury. A certificate cost $50 and
a week of manual process. Then four people decided this was
absurd. 700 million websites. 10 million certificates per
day. Ten years. Zero pounds. The complexity was never inherent
to the problem. It was inherent to the business model.
30 Mar 2026
unix
freebsd
linux
security
107 million weekly downloads for dotenv. A package that reads
KEY=VALUE pairs from a file. Unix has done this since 1979.
GitHub detected 39 million leaked secrets in 2024. Even
Node.js conceded and shipped --env-file natively. Rather
marvellous, that.
29 Mar 2026
performance
web
30% of a knowledge worker's day spent searching. Trust score
down 23% in one year. 83% zero-click rate with AI Overviews.
58.5% of searches end at Google. The search engine that once
finished your sentence now wastes your afternoon.
28 Mar 2026
architecture
performance
In 2023, Klarna replaced 700 support agents with AI. Costs
down 25%. In 2025, they started rehiring humans. 64% of
customers prefer no AI in support. 41% higher code churn.
19% slower with AI tools. When the product gets cheaper to
produce but not cheaper to buy, you are the margin.
27 Mar 2026
demoscene
performance
64 kilobytes. Three minutes of architectural hallucination.
Corridors fold into corridors. Rooms dissolve into rooms.
Every frame calculated in real time from a single executable.
When the constraint disappears, the art remains.
27 Mar 2026
javascript
architecture
web
performance
In 2012, Facebook had a problem: hundreds of microservices,
a mobile News Feed, constrained bandwidth. They built GraphQL.
The solution was brilliant. For Facebook. You have 12 REST
endpoints and a fetch() call. But do carry on.
26 Mar 2026
sql
architecture
performance
In 2000, D. Richard Hipp built a database for a U.S. Navy
destroyer. The existing Informix installation required a DBA.
Hipp's solution was not to fix the server. It was to eliminate
it entirely. 600 KB. One file. Zero configuration. The most
deployed software module in history.
25 Mar 2026
javascript
rust
web
architecture
Most real-time features are one-way. The server knows something
changed, the client needs to hear about it. The browser solved this
in 2015 with one line of JavaScript that nobody teaches. No npm.
No reconnect logic. No babysitter.
24 Mar 2026
unix
tooling
2.7 million people have visited Stack Overflow to learn how to
exit a text editor. The most feared tool in computing is also
the most elegant. A composable grammar born from a 300 baud
modem. Fifty years of production. Zero licence fees.
23 Mar 2026
unix
freebsd
linux
devops
Eric Allman wrote syslog in the 1980s. Forty years of production.
Zero licence fees. Log rotation, live monitoring, frequency analysis,
and alerting. Four commands. Each composable. Each free. Each older
than most of the frameworks they are supposed to be replaced by.
22 Mar 2026
architecture
performance
Every mainstream programming language was designed by a mathematician.
Not one linguist in the room. Ninety years later, we are still writing
in their notation. One does wonder what might have happened if someone
had invited one.
22 Mar 2026
devops
performance
unix
cloud
syslog has existed since 1983. In 2026, a mid-sized company
spends $708,000 per year to know whether its servers are running.
97% report cost surprises. The watchtower now costs more than
the castle.
21 Mar 2026
javascript
performance
architecture
tooling
Every Electron app ships its own copy of Chromium. Slack, Discord,
Teams, VS Code. Four apps, four browsers, none displaying a web
page. The company saves on engineering. The user pays in RAM,
battery, and disk space.
20 Mar 2026
devops
cloud
licensing
tooling
You wanted to provision a server. You got a proprietary language
that cannot express a conditional, a state file that stores your
secrets in plain text, and a licence that changed overnight after
nine years of open-source trust. Three invoices for one abstraction.
19 Mar 2026
react
javascript
performance
architecture
In 1995, PHP rendered HTML on the server and sent it to
the browser. In 2026, the industry renders HTML on the server,
then ships 558 KB of JavaScript to rebuild the very same DOM.
They call this hydration. Twenty years to return to where PHP started.
18 Mar 2026
html
css
javascript
performance
The average React project installs a validation library before
a single input field exists. The browser has validated forms
natively since 2014. Required, email, pattern, minlength.
No JavaScript. No bundle size. No excuse.
17 Mar 2026
unix
architecture
tooling
In 1964, Douglas McIlroy wrote a memo about coupling programmes
like garden hose. Nine years later, Ken Thompson implemented it
overnight. One character. The most elegant composition model
in computing, fifty-three years unchanged.
16 Mar 2026
unix
freebsd
linux
architecture
In 1969, Ken Thompson wanted to play a video game. The mainframe
cost $75 per session. So he found a PDP-7 with 9 KB of memory
and built an operating system. Its descendants run most of the
world. Rather good return on a video game.
15 Mar 2026
react
javascript
performance
node
React ships 136 KB to the browser. Next.js promised to fix
that. 247 MB of node_modules. 87 KB client runtime. The server
renders HTML, then the client rebuilds it from scratch. They
call this hydration. Six times faster by removing the framework.
14 Mar 2026
architecture
licensing
performance
Early access was invented so a solo developer in Stockholm could
finish a game about mining blocks. Then publishers noticed. They
copied the label. Not the honesty. 25,000 jobs lost at record
revenue. The handshake became a surcharge.
13 Mar 2026
devops
saas
performance
You wanted to track bugs. You got a bureaucracy engine with custom
fields nobody remembers creating and workflows nobody dares to
simplify. 68% of new users overwhelmed. 1-4 seconds per issue.
883 sites deleted. The invoice, itemised.
12 Mar 2026
architecture
javascript
performance
Robert C. Martin published Clean Code in 2008 to fix Java monoliths with
no structure. The industry copied the rules and forgot the context.
A prescription without a diagnosis.
11 Mar 2026
demoscene
performance
web
64 kilobytes. A seven-minute techno live set with procedural visuals
and synthesised audio, running in your browser. Won Best Soundtrack
at The Meteoriks 2024. Against every production of the year.
11 Mar 2026
javascript
web
architecture
React taught a generation to poll. The browser solved this in 2011 with
two lines of JavaScript and zero npm packages. WebSocket: persistent,
full-duplex TCP. Two bytes per frame. No library required.
10 Mar 2026
unix
tooling
devops
In 1974, James Hunt and Douglas McIlroy built diff at Bell Labs.
Two files in, one output: what changed. Every code review, every pull
request, every version control system since RCS stores history as diffs.
52 years in production. No subscription.
09 Mar 2026
ssh
unix
devops
You type ssh -i ~/.ssh/prod_key -p 2222 deploy@192.168.50.12 fourteen times
a day. There is a plain text file that reduces this to ssh prod. It has
existed since 1999. One file. No GUI. No subscription.
08 Mar 2026
architecture
performance
kubernetes
A function call costs 0.001 ms. A network call between two microservices
costs 1 to 5 ms. That is factor 5,000 before any business logic executes.
One rather wonders what one gets for that markup.
07 Mar 2026
architecture
saas
web
Cory Doctorow named it. You have lived it. Every platform begins by being
useful, then monetises its users, then monetises its business customers,
then dies. The cycle is not new. The speed is.
06 Mar 2026
devops
architecture
security
Software used to ship when it was ready. Now it ships when the sprint ends.
Chrome halved its release cycle twice. CrowdStrike pushed one update and crashed
8.5 million machines. The invoice for velocity is permanent instability.
05 Mar 2026
css
html
architecture
BEM was invented at Yandex to stop CSS from breaking across 100 services.
The industry adopted it to name twelve classes on a landing page.
A naming convention copied without the problem it solved.
04 Mar 2026
architecture
performance
rust
72% of the web runs on PHP. Not an accident. But the web has moved:
persistent connections, live pushes, minimal memory. Five languages,
one task, a 128x difference in memory. Two survive. One has a garbage
collector. The other does not.
03 Mar 2026
unix
tooling
In 2012, JSON was the lingua franca of the web and the Unix toolbox
had nothing for it. One PhD student at Cambridge wrote a functional
language in 510 KB of C. Forty years of flat text tools, plus one
for trees. 822 KB.
02 Mar 2026
freebsd
linux
security
unix
A compromised process inherits the full authority of the user who
launched it. Two operating systems fixed this with opposite philosophies.
One removed the doors. The other posted a bouncer. Same browser, same
threat model, two answers.
01 Mar 2026
graphql
rest
api
performance
GraphQL was built at Facebook for the News Feed: hundreds of content
types, three platforms, billions of requests. REST is 50% faster on
relational databases. 34x faster with eager loading. You have 12
endpoints. The performance tax, itemised.
28 Feb 2026
architecture
devops
performance
Software used to come on a disc. A bug on a pressed CD was a recall,
not a hotfix. Then the internet removed the disc, and methodology
made "never finished" respectable.
27 Feb 2026
saas
licensing
cloud
In 2012, you could buy Adobe Creative Suite for $2,599. You owned it.
In 2026, you pay $660 per year and own nothing. You were not upgraded.
You were expropriated. The subscription invoice, itemised.
26 Feb 2026
linux
freebsd
law
security
Europe wants digital sovereignty but builds on a kernel governed by US
corporations. 84.3% of Linux commits, $500K board seats, and a 2024
precedent that proved jurisdiction trumps community.
26 Feb 2026
docker
kubernetes
devops
cloud
Docker solved deployment. Then the industry decided it also solved development.
On macOS, that means running a Linux VM to execute a process that runs natively.
The engineering equivalent of driving to your neighbour's via Heathrow.
25 Feb 2026
css
web
For twenty-three years, CSS could only look downward. A parent styled its
children. Never the reverse. In 2023, three pseudo-classes changed the
direction of the cascade entirely.
25 Feb 2026
performance
web
demoscene
The demoscene taught a generation that constraint is not limitation; it is
method. Every instruction must justify its presence. The same principle
applies to production software.
24 Feb 2026
make
unix
tooling
1976. Stuart Feldman writes make in a weekend. Targets, dependencies,
timestamps. Three concepts. Fifty years. Same algorithm. The industry
responded with fourteen replacements. make still builds kernels.
23 Feb 2026
unix
architecture
Unix had single responsibility, API contracts, message queues, and service
discovery in 1973. The industry repackaged it and called it microservices.
22 Feb 2026
javascript
web
performance
558 KB median JavaScript per page. 44 per cent never executes. Mobile
parses 25x slower than your dev machine. The thermal throttling feedback
loop and the battery invoice, itemised.
21 Feb 2026
tooling
web
John Gruber wrote the specification in 2004. A Perl script. 1,122 lines.
Twenty-two years later, the format has not changed. It is text. Your
Confluence export has already lost its macros.
20 Feb 2026
architecture
devops
Six developers, 80 hours of sprint, 18 hours of ceremonies. A Scrum Master
who costs $126k and requires no technical prerequisites. The co-creator
says 75 per cent will fail. The Scrum invoice, itemised.
18 Feb 2026
html
css
javascript
web
22.5 million npm installs per week for JavaScript that recreates the
native dialog element. Focus traps, escape handlers, backdrop overlays,
ARIA semantics. Every browser ships it. Since 2022. Zero kilobytes.
18 Feb 2026
demoscene
performance
5 kilobytes. One person. First place. Krzysztof Kluczek wrote the code,
designed the visuals, and built a guitar synthesiser, all at the party
place during Riverwash 2014. Fractal cubes, volumetric light, and an
instrument that should not fit in a favicon.
17 Feb 2026
sed
unix
tooling
A psychologist at Bell Labs writes a text editor that never opens a file.
53 years later, it runs everywhere. 25 commands, two buffers, one pass.
Turing complete. The substitution syntax became internet grammar.
16 Feb 2026
linux
freebsd
unix
FreeBSD init runs on 178 shell scripts and one shared library. systemd ships
690,000 lines of C across 150 compiled binaries. Both start services. One of
them also replaced sudo.
15 Feb 2026
javascript
tooling
web
Webpack solved a 2012 problem that ES Modules natively solved in 2017.
esbuild is 106x faster. Vite cold-starts in 1.7 seconds. The bundler
that bundles your patience, itemised.
13 Feb 2026
sql
architecture
performance
MongoDB stores relational data in a document store, then spends a decade
rebuilding the relational features it discarded. The Aggregation Pipeline
is proprietary SQL. Mongoose is the schema you removed. The invoice, itemised.
12 Feb 2026
architecture
devops
tooling
In 1994, Kent Beck wrote SUnit to test isolated units of logic. By 2015, the
industry had turned his invention into a coverage KPI. 400 tests green,
checkout broken. The mocks should have been the clue.
11 Feb 2026
css
web
architecture
CSS Cascade Layers end the two-decade specificity war permanently.
One declaration line sets the hierarchy. Layer order outranks
specificity. No more !important, no inline styles as nuclear option.
10 Feb 2026
unix
tooling
In 1994, a computer science student in Mexico City wrote a file
manager. 31 years later, it runs on anything with a C compiler:
dual panels, built-in editor, FTP, SFTP, archive browsing. 220,000
lines of C. 12 MB of RAM. No venture capital. No rewrite in Rust.
10 Feb 2026
web
performance
architecture
HTTP/1.1 made bundling necessary. HTTP/2 made it obsolete. Multiplexing,
granular caching, and the rule that inverted itself a decade ago. The
fastest bundle might be no bundle at all.
09 Feb 2026
zfs
freebsd
unix
Same ZFS, same commands, radically different experience. On FreeBSD,
bectl is in base, the bootloader understands boot environments natively,
and recovery takes 30 seconds. On Linux, ZFS is a legal grey area
bolted on from outside.
09 Feb 2026
freebsd
linux
zfs
The ZFS commands are identical on FreeBSD and Linux. The snapshots work
the same way. The difference is everything around them: kernel integration,
boot environments, and what happens when you upgrade.
08 Feb 2026
kubernetes
docker
performance
cloud
82 per cent of container users run Kubernetes in production. The control
plane demands 12-24 GB RAM before your app serves one request. CPU
utilisation: 10 per cent. 34 workdays per year troubleshooting. The
performance tax, itemised.
08 Feb 2026
javascript
node
performance
The job description is admirably brief: a request arrives, HTML leaves.
And yet, a quarter century of accretion has produced something rather more elaborate.
07 Feb 2026
sql
architecture
performance
ORMs hide complexity instead of eliminating it. They promise database
portability you will never use and obscure queries you should understand.
SQL has worked since 1974. Your ORM will be deprecated before your queries are.
06 Feb 2026
docker
linux
devops
Docker did not solve a technical problem. It monetised a political one.
Linux could not agree on a base system, so the industry shipped the
entire OS with every application. The invoice, from 1979 to 2026.
05 Feb 2026
css
architecture
web
OOCSS arrived in 2009. BEM arrived in 2010. Both produce identical
specificity (0,1,0). One reads like a sentence. The other reads like a
German compound noun. Five prefixes, one meaning each, and the naming
convention the industry should have adopted.
05 Feb 2026
architecture
web
javascript
In 1979, Trygve Reenskaug invented MVC for Smalltalk desktop applications.
Then Ruby on Rails borrowed the terminology for the web. One small problem:
the web works rather differently.
04 Feb 2026
redis
architecture
performance
Salvatore Sanfilippo built Redis in 2009. Single-threaded by design.
One event loop, no locks. 100,000+ operations per second on modest
hardware. Sub-millisecond latency. The industry believed concurrency
requires threads. Redis proved it requires architecture.
03 Feb 2026
unix
tooling
freebsd
Ken Thompson wrote the first man pages for Unix Version 1 in 1971.
Fifty-five years later, the format remains. One structure. Every tool.
Always. Offline documentation that matches the version you are actually
running. No tracking. No cookie banners.
01 Feb 2026
zfs
freebsd
security
Jeff Bonwick and Matthew Ahrens built ZFS at Sun Microsystems in 2005.
Filesystems trusted hardware that lies. ZFS trusts mathematics instead.
Copy-on-Write, end-to-end checksumming, instant snapshots. The filesystem
that verifies everything.
01 Feb 2026
ssh
security
unix
Theo de Raadt forked SSH in 1999. The original was accumulating
licence restrictions and complexity. OpenSSH stripped it down,
audited everything, and assumed the network is hostile. 32 million
servers. 25 years. One serious vulnerability. The paranoia paid off.
01 Feb 2026
web
architecture
javascript
"Give teams autonomy." Four teams, four frameworks, four pipelines,
four security postures. A cross-team feature ships in month three.
Conway's Law called. Nobody answered.
01 Feb 2026
javascript
web
architecture
In 2010, vanilla JavaScript built the web. In 2026, a React Hello World
installs 2,839 packages. The supply chain, the bundle, and the native
APIs that were there all along.
31 Jan 2026
architecture
web
Five HTTP verbs. Fifty status codes. URL hierarchies. Content negotiation.
HATEOAS that nobody implements. All to answer: client wants something from
server. JSON-RPC answered that in 2005. Thirty lines of specification.
30 Jan 2026
cloud
architecture
devops
Serverless is not serverless. It is MicroVMs with amnesia, vendor lock-in
with four incompatible dialects, and cold starts that cost more than the
server you were trying to avoid. The invoice, itemised.
30 Jan 2026
unix
tooling
architecture
Andrew Tridgell had a problem in 1996: synchronising files over slow
links. The naive approach copies everything. rsync splits files into
chunks, computes rolling checksums, and transfers only the differences.
29 years. One algorithm. No vendor. No subscription.
29 Jan 2026
unix
tooling
architecture
Fabrice Bellard started FFmpeg in 2000. The multimedia world was
fragmented: dozens of proprietary formats, incompatible codecs, expensive
licensing. FFmpeg handles every format ever created. 1.5 million lines
of C. Powers YouTube, Netflix, VLC, Spotify. Everything else is a wrapper.
29 Jan 2026
unix
tooling
1979. John Gilmore writes tar for Unix V7. Tape ARchive. One format,
one purpose: bundle files into a stream. No compression, no encryption,
no opinions. 45 years later, every container image is a stack of tarballs.
OCI spec, section 5.
29 Jan 2026
css
web
For three decades, CSS lied about lightness. HEX told you nothing.
HSL promised perceptual uniformity and delivered optical illusion.
OKLCH, light-dark(), and Relative Color Syntax fix the problem.
No JavaScript. No media queries.
28 Jan 2026
unix
tooling
Nicholas Marriott wrote tmux in 2007 because GNU Screen had accumulated
three decades of cruft. BSD-licensed. 60,000 lines of C. Persistent sessions,
window splitting, scriptable. The terminal multiplexer that replaced its
predecessor by being smaller.
28 Jan 2026
freebsd
docker
unix
Docker needs a daemon, image layers, a registry, overlay networks, and
volume mounts. FreeBSD Jails need a directory and a config file. Native
kernel isolation since 2000. ZFS snapshots in milliseconds. No daemon.
No images. No layers. The replacement, not the alternative.
27 Jan 2026
rust
architecture
performance
After 20 years of PHP, I needed something new for backend work. Everyone
said Go. I chose Rust instead. The compiler is your private tutor. No
null, no exceptions, no garbage collector. One binary. A twentieth of
the memory.
27 Jan 2026
freebsd
linux
security
unix
Fresh server, SSH open, auth.log fills up. Linux reaches for fail2ban
, a Python daemon that parses logs after the fact. FreeBSD solves
it in four lines of pf.conf, in the kernel, before the attacker finishes
the first attempt.
26 Jan 2026
freebsd
linux
unix
FreeBSD runs Linux binaries natively. No emulator. No VM. No container.
The kernel translates syscalls in real time, at less than 1% overhead.
Since 1995. The reverse does not exist. The door swings one way.
25 Jan 2026
ssh
unix
devops
Ansible. Puppet. Chef. Salt. All solving the same problem SSH solved
twenty years earlier. A for loop, scp, and configs in git. For five
servers, you do not need a framework. You need a shell script.
25 Jan 2026
typescript
javascript
tooling
ECMAScript is a complete language. Types are not missing from JavaScript:
they were never part of the specification. A preference and a deficiency
are not the same thing.
24 Jan 2026
devops
tooling
architecture
45-minute pipelines, 20 per cent of the work week lost to YAML, and a
supply chain that leaked 23,000 repositories of secrets. The pipeline
is not the solution. It is the longest-running workaround in the industry.
23 Jan 2026
lua
unix
tooling
25,000 lines of C. A 200 KB binary. Embedded in World of Warcraft,
Lightroom, nginx, Redis, Neovim, Roblox, Nmap. Born from Brazilian trade
barriers. MIT licence. Include one header, link one library, call
lua_pcall().
22 Jan 2026
demoscene
lua
240 by 136 pixels. 16 colours. 4 audio channels. TIC-80 deliberately
mimics 1980s hardware. Spectrox squeezed voxel landscapes, copper bar
effects, and an underwater endscroller out of those constraints. Second
place at Deadline Berlin 2025.
20 Jan 2026
unix
tooling
Aho, Weinberger, Kernighan. 1977. A pattern-action language for text
processing. One pass through the data. No compilation. The entire
language fits on a reference card. Still the fastest way to extract
columns from structured text.
19 Jan 2026
architecture
web
Over eight episodes we dissected individual performance problems. Stand back
far enough and a shape emerges. The same shape, every time. Today we name it.
18 Jan 2026
demoscene
64k
creative-coding
65,536 bytes. Three people. A real-time rendered film with physically-based
rendering, volumetric lighting, procedural everything, and a synthesised
soundtrack. No external assets. Twenty bytes under the limit.
18 Jan 2026
unix
devops
freebsd
Prometheus needs 2 GB RAM to monitor 10 services. The Unix shell has
had monitoring since 1971: ps, top, vmstat, netstat. One shell script
replaces an entire observability stack for 90% of deployments.
17 Jan 2026
architecture
sql
performance
Complete audit trail! Time travel! Never lose data! A shopping cart
with 10 items produces 13+ events. A 3 TB replay takes 10 hours.
The inventor wrote a book about one sub-problem. The event sourcing
invoice, itemised.
17 Jan 2026
ssh
wireguard
security
unix
SSH plus shell replaces Ansible, Python, YAML, Jinja2, inventory
files, role dependencies, and Galaxy collections. OpenSSH since
1999. Shell since 1971. Both outlive every automation tool.
15 Jan 2026
demoscene
64k
creative-coding
Razor 1911, founded 1985. Their 2012 demo is 64 kilobytes of irony:
CRT scanlines, Dubmood's soundtrack, and a running gag the demoscene
has been telling itself for three decades. UNESCO cultural heritage.
Still not dead.
14 Jan 2026
unix
architecture
Some of the most elegant systems ever built are behind closed doors.
QNX fit a complete POSIX OS on a 1.44 MB floppy. BeOS had pervasive
multithreading before anyone understood why it mattered. NeXTSTEP
gave us the web browser and macOS. Elegance has no licence requirement.
14 Jan 2026
agile
architecture
methodology
Story points were invented to stop managers converting estimates into
deadlines. Then the industry converted story points into deadlines.
The inventor apologised in 2019. The industry carried on. Goodhart's
Law, dressed in a Fibonacci sequence.
14 Jan 2026
html
javascript
web
44 KB of JavaScript to accomplish what HTML does with five characters:
<input required>. The browser validates. Shows localised error messages.
Accessible by default. No npm install required. Since 2014.
13 Jan 2026
unix
tooling
architecture
One loop. One file. Every minute. Since 1975. Ken Thompson wrote the
first version at Bell Labs. Paul Vixie rewrote it in 1987. 2,500 lines
of C. No dependencies. The modern alternative requires Kubernetes.
cron requires a text file.
12 Jan 2026
demoscene
4k
creative-coding
4,096 bytes. A complete audiovisual experience: procedural geometry,
synthesised soundtrack, real-time rendering. Prismbeings proved in 2018
that limitation breeds creativity. The demoscene is UNESCO cultural
heritage. Hardly anyone noticed.
09 Jan 2026
cloud
kubernetes
docker
devops
"Pay only what you use." The bill is 47 pages and requires a FinOps specialist
to decode. Netflix uses AWS for the back office. For delivering video to
260 million subscribers: FreeBSD, jails, bare metal.
08 Jan 2026
unix
tooling
freebsd
In 2004, Hisham Muhammad looked at top and saw a tool from 1984
pretending the terminal was still a teletype. One binary replaced
an entire workflow: top, ps, grep, kill, renice, lsof. 12,000
lines of C. Zero configuration.
07 Jan 2026
javascript
web
performance
React ships 142 KB before your code runs. The browser ships querySelector,
addEventListener, Web Components, Proxy, and fetch. Zero kilobytes.
The framework was always there.
07 Jan 2026
security
tooling
unix
Filippo Valsorda wrote age because GPG had become unusable. One binary.
One command to encrypt. One command to decrypt. No key servers, no web
of trust, no configuration. The successor PGP never managed to be.
06 Jan 2026
freebsd
architecture
unix
Poul-Henning Kamp built FreeBSD Jails in 1999. Kernel-level isolation,
near-zero overhead, native ZFS integration. Stable API for 25 years.
No daemon, no overlay network, no orchestration layer. 14 years before
Docker, the problem was already solved.
05 Jan 2026
css
javascript
react
web
CSS-in-JS is writing CSS in JavaScript to generate CSS. The runtime
overhead, the 13 KB library tax, hydration roulette, and the browser
that understood you all along. Since 1996.
04 Jan 2026
css
web
tooling
Sass was revolutionary in 2012. Variables, nesting, functions. In 2026,
CSS does all of it natively. No build step. No node-sass conflicts.
No dart-sass migration. The bridge has arrived.
03 Jan 2026
architecture
performance
Defensive loops, trained hedging, three tool-calls where one would do.
Data centres humming at full capacity. Not for answers. For comfort.
The demoscene taught me: 4 KB leaves no space for bullshit.
02 Jan 2026
javascript
node
tooling
"But it's just one dependency!" That sentence has done more damage to software
security than any zero-day exploit. It installs 1,400 packages before your
kettle has boiled.
31 Dec 2025
javascript
web
performance
"We need a Single Page Application." A perfectly reasonable sentence,
provided one does not ask the follow-up question. But let us ask it anyway.
30 Dec 2025
nginx
architecture
unix
Igor Sysoev built nginx in 2004 because Apache's thread-per-connection
model was architecturally wrong. Event-driven, pure C, no framework.
10,000 connections on a single process. 34 per cent of all websites.
F5 Networks paid $670 million. Still the correct architecture.
29 Dec 2025
angular
typescript
javascript
web
Angular is the SAP of frontend frameworks. Zone.js monkey-patches
30+ browser APIs, a Hello World ships 500 KB, and Google builds
Angular but does not use it. The performance tax, itemised.
28 Dec 2025
architecture
devops
Divide and conquer. The oldest strategy of control. Fragment the opposition.
Isolate the units. They call it Agile.
27 Dec 2025
kubernetes
docker
cloud
devops
81 resource types. 200 lines of YAML to replace one systemctl command. A
platform team before your first customer. The Kubernetes invoice, itemised.
26 Dec 2025
curl
unix
tooling
Daniel Stenberg released curl in 1998. 26 years, zero breaking
changes, one dependency: libc. Runs on 10+ billion devices.
180,000 lines of C, 30+ protocols. Every HTTP library wraps
libcurl. The bedrock the industry pretends it built itself.
24 Dec 2025
postgresql
sql
unix
Michael Stonebraker built POSTGRES at Berkeley in 1986. Minimal core,
everything extensible. 38 years, 17 major versions, same BSD licence.
No corporate owner, no licence changes. The extension architecture
that outlasted every trend.
23 Dec 2025
git
architecture
unix
Linus Torvalds built git in ten days. 10 MB, no server, no database,
no dependencies beyond libc. Content-addressable, distributed, backwards
compatible since 2005. The tooling around it weighs more than the tool itself.
22 Dec 2025
css
performance
web
Flexbox arrived to solve layout. Then the industry used it for everything.
Twelve wrapper divs for a holy grail layout that CSS Grid solves in three
lines. The layout tax, itemised.
21 Dec 2025
javascript
html
css
web
80% of the JavaScript on modern websites solves problems that do not
exist anymore. Accordions, modals, form validation, lazy loading. The
browser ships all of it. Zero kilobytes.
20 Dec 2025
architecture
docker
devops
"But deployments are cleaner!" That sentence has launched more Kubernetes clusters
than any legitimate scaling requirement. Let us examine the invoice.
17 Dec 2025
wireguard
security
unix
Jason Donenfeld built WireGuard in 4,000 lines of code. OpenVPN
needs 100,000. IPsec is worse. Linus Torvalds called it a work of
art. 57 per cent faster. In the Linux kernel since 2020. Readable
in an afternoon.
16 Dec 2025
sqlite
architecture
unix
D. Richard Hipp built SQLite in 2000 for a US Navy destroyer.
600 KB, single file, zero configuration. 156,000 lines of source,
92 million lines of tests. Powers every phone, most browsers,
probably your car. Public domain. Supported until 2050.
15 Dec 2025
react
javascript
typescript
web
React 18 ships 136 KB minified before you have written a single line of
application code. The Virtual DOM costs 30 per cent versus vanilla JavaScript.
95 per cent of websites do not need it. The performance invoice, itemised.
14 Dec 2025
javascript
web
tooling
Browsers have understood ES Modules since 2018. HTTP/2 solved the
request overhead in 2015. For 90% of projects under 50 modules,
the build pipeline is not solving complexity. It is the complexity.
07 Dec 2025
javascript
architecture
web
In 2013, a German data scientist discovered Xerox scanners were silently
changing numbers in scanned documents. No error. No warning. Just a quiet
substitution.
07 Dec 2025
caddy
nginx
web
unix
Caddy replaces Nginx, Certbot, Cron, and renewal hooks. One binary.
Zero TLS configuration. Auto HTTPS since 2015. Your reverse proxy
config fits in a tweet. The replacement, not the alternative.
25 Dec 2024
web
performance
The web got far too loud. Pop-overs, cookie banners, newsletter modals,
autoplay, scroll-jacking. The native dialog element, content-visibility,
and one preferences wizard replace every banner. Zero interruptions.
18 Dec 2024
architecture
web
MVC was invented in 1979 for Smalltalk desktop GUIs. The web has no
persistent controller, no event loop, no state between requests. 30%
performance overhead from abstraction layers that serve no purpose
in HTTP. The leanest architecture is the one you do not need to explain.