Guilherme Nogueira
@hopugop.bsky.social
I'm a Linux aficionado and geek. Blogging about noSQL, Linux, networking and security.
Technical Director @ ScyllaDB
Technical Director @ ScyllaDB
Reposted by Guilherme Nogueira
@sarna.dev's latest blog post picks for writethat.blog...
I’m writing another book! // @ericlippert.com
Zig's new async I/O // Andrew Kelley
Corrosion // @sockpuppet.org, Peter Cai (@fly.io)
How I reversed Amazon's Kindle web obfuscation because their app sucked // Cats with power tools
I’m writing another book! // @ericlippert.com
Zig's new async I/O // Andrew Kelley
Corrosion // @sockpuppet.org, Peter Cai (@fly.io)
How I reversed Amazon's Kindle web obfuscation because their app sucked // Cats with power tools
November 4, 2025 at 7:49 PM
@sarna.dev's latest blog post picks for writethat.blog...
I’m writing another book! // @ericlippert.com
Zig's new async I/O // Andrew Kelley
Corrosion // @sockpuppet.org, Peter Cai (@fly.io)
How I reversed Amazon's Kindle web obfuscation because their app sucked // Cats with power tools
I’m writing another book! // @ericlippert.com
Zig's new async I/O // Andrew Kelley
Corrosion // @sockpuppet.org, Peter Cai (@fly.io)
How I reversed Amazon's Kindle web obfuscation because their app sucked // Cats with power tools
Reposted by Guilherme Nogueira
If we get one more AI-generated Monster Scale Summit submission, I will cry. Humans, please -- apply to speak! This is P99 CONF's sister conference, and we're open to talks on extreme scale engineering and distributed system challenges. www.scylladb.com/monster-scal...
Monster Scale Summit
Monster Scale Summit is a highly technical conference on extreme scale engineering and data-intensive applications.
www.scylladb.com
October 27, 2025 at 7:56 PM
If we get one more AI-generated Monster Scale Summit submission, I will cry. Humans, please -- apply to speak! This is P99 CONF's sister conference, and we're open to talks on extreme scale engineering and distributed system challenges. www.scylladb.com/monster-scal...
Reposted by Guilherme Nogueira
Next week’s Monster Scale Summit will be scary good. Keynotes include @kelseyhightower.com, @martin.kleppmann.com, @chris.blue, @gwenshap.bsky.social, @rstephens.me & @adamhjk.me. Given the price of admission (zero) and travel time (also zero), there’s really no excuse to miss this!
March 6, 2025 at 5:35 PM
Next week’s Monster Scale Summit will be scary good. Keynotes include @kelseyhightower.com, @martin.kleppmann.com, @chris.blue, @gwenshap.bsky.social, @rstephens.me & @adamhjk.me. Given the price of admission (zero) and travel time (also zero), there’s really no excuse to miss this!
Reposted by Guilherme Nogueira
Why Teams Are Ditching DynamoDB, by @cardeneti82118@x.com and @hopugop.bsky.social (@thenewstack@hachyderm.io):
Why Teams Are Ditching DynamoDB
thenewstack.io
January 29, 2025 at 8:30 AM
Why Teams Are Ditching DynamoDB, by @cardeneti82118@x.com and @hopugop.bsky.social (@thenewstack@hachyderm.io):
no bills to pay, dgaf
January 17, 2025 at 2:28 PM
no bills to pay, dgaf
Reposted by Guilherme Nogueira
The tablets feature
of ScyllaDB is very impressive. It simplifies maintenance and looks like a solid foundation for possible autoscaling www.scylladb.com/2024/12/03/e...
of ScyllaDB is very impressive. It simplifies maintenance and looks like a solid foundation for possible autoscaling www.scylladb.com/2024/12/03/e...
ScyllaDB 2024.2 Introduces New Efficiency & Elasticity via “Tablets” - ScyllaDB
Scaling operations with Tablets are up to 30X faster while reducing network costs by up to 50%
www.scylladb.com
December 14, 2024 at 12:35 PM
The tablets feature
of ScyllaDB is very impressive. It simplifies maintenance and looks like a solid foundation for possible autoscaling www.scylladb.com/2024/12/03/e...
of ScyllaDB is very impressive. It simplifies maintenance and looks like a solid foundation for possible autoscaling www.scylladb.com/2024/12/03/e...
Reposted by Guilherme Nogueira
Linux for PlayStation 2 (2002)
Posted by nyaa
#Linux #console #Sony #Playstation #PS2 #Playstation2 #OperatingSystem #OS #Geek
Posted by nyaa
#Linux #console #Sony #Playstation #PS2 #Playstation2 #OperatingSystem #OS #Geek
October 9, 2024 at 8:44 PM
Linux for PlayStation 2 (2002)
Posted by nyaa
#Linux #console #Sony #Playstation #PS2 #Playstation2 #OperatingSystem #OS #Geek
Posted by nyaa
#Linux #console #Sony #Playstation #PS2 #Playstation2 #OperatingSystem #OS #Geek
Reposted by Guilherme Nogueira
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
This might be the best executed supply chain attack we've seen described in the open, and it's a nightmare scenario: malicious, competent, authorized upstream in a widely used library.
Looks like this got caught by chance. Wonder how long it would have taken otherwise.
Looks like this got caught by chance. Wonder how long it would have taken otherwise.
Woah. Backdoor in liblzma targeting ssh servers.
www.openwall.com/lists/oss-se...
It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…
Now I’m curious what it does in RSA_public_decrypt
www.openwall.com/lists/oss-se...
It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…
Now I’m curious what it does in RSA_public_decrypt
March 30, 2024 at 5:13 PM
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.