Risky Business
Mon, Oct 21, 2024
Philosophies of Cryptographic Libraries
Fri, Sep 27, 2024
Signatures are like backups
Mon, Sep 9, 2024
The impact of memory safety on sandboxing
Fri, Aug 30, 2024
Safer C++
Sun, Aug 18, 2024
Defining the memory safe problem
Mon, Oct 2, 2023
Buffers on the edge: Python and Rust
Sun, Oct 23, 2022
What's in a version number? (Or: Musings on backwards compatibility)
Thu, Oct 7, 2021
Why software ends up complex
Mon, Nov 30, 2020
CSVs: The good, the bad, and the ugly
Thu, Sep 24, 2020
What science can tell us about C and C++'s security
Wed, May 27, 2020
Dayenu for Open Source
Fri, Apr 10, 2020
Scaling Software Development
Tue, Feb 18, 2020
2019 Security Wish List In Review
Tue, Dec 24, 2019
On Safety Critical Software
Thu, Nov 7, 2019
A Memory Safety Research Agenda
Mon, Sep 2, 2019
Introduction to Memory Unsafety for VPs of Engineering
Mon, Aug 12, 2019
Read code more
Thu, Jul 11, 2019
Modern C++ Won't Save Us
Sun, Apr 21, 2019
Notes on the challenges to the adoption of security keys
Wed, Apr 10, 2019
Chrome + Windows Exploit: Security Beyond Bugfixes
Thu, Mar 7, 2019
Notes on fuzzing ImageMagick and GraphicsMagick
Tue, Feb 5, 2019
Security wish list for 2019
Sun, Jan 6, 2019
Optimize for Auditability
Thu, Dec 13, 2018
The worst truism in information security
Fri, Jul 20, 2018
Lessons learned at USDS
Tue, Mar 20, 2018
Known unknowns - zero-days in the wild
Tue, Feb 20, 2018
The mysterious case of (deny dynamic-code-generation)
Mon, Jan 29, 2018
A vulnerability by any other name
Mon, Nov 20, 2017
Response to Deputy Attorney General Rosenstein's remarks on Encryption
Fri, Oct 13, 2017
Surviving Apache Struts CVE-2017-5638
Mon, Sep 18, 2017
Categorizing Security Engineering Work
Mon, Sep 11, 2017
Forward secrecy is the most important thing
Wed, Apr 26, 2017
Introduction to Certificate Transparency for Server Operators
Mon, Apr 17, 2017
A year of tracking my HTTP requests
Sun, Mar 26, 2017
SHA1 and Richard Feynman
Sun, Feb 26, 2017
Looking for work
Fri, Dec 23, 2016
OSS-Fuzz initial impressions
Sat, Dec 3, 2016
Intro to threat modeling
Fri, Jul 29, 2016
Anatomy of a Crypto Vulnerability
Mon, Mar 14, 2016
Announcing letsencrypt-aws
Wed, Jan 20, 2016
Don't have environments
Tue, Jan 19, 2016
Shrinking your code review
Tue, Dec 29, 2015
5 critically important security projects
Sat, Nov 28, 2015
Telemetry for Open Source
Thu, Sep 3, 2015
Rust: A modern programming environment
Mon, Jul 20, 2015
Tips for Improving Your Company's Security
Mon, Jun 8, 2015
Tips for Scaling Web Apps
Wed, May 27, 2015
Introduction to Fuzzing in Python with AFL
Mon, Apr 13, 2015
Red Hat and the Open Source Community
Mon, Mar 30, 2015
DevOps vs. Platform Engineering
Fri, Mar 6, 2015
Software Of the People, By the People, For the People
Tue, Feb 3, 2015
The State of the News and TLS: Part II
Tue, Dec 30, 2014
The West Wing Revisited: Let Bartlet Be Bartlet
Sun, Dec 21, 2014
The State of the News and TLS
Wed, Nov 12, 2014
I Hope Twitter Goes Away
Thu, Oct 30, 2014
My Ideal Development Environment
Mon, Oct 27, 2014
The West Wing Revisited: Six Meetings Before Lunch
Sun, Oct 19, 2014
The West Wing Revisited: The White House Pro-Am
Sat, Oct 18, 2014
The West Wing Revisited: 20 Hours in L.A.
Fri, Oct 17, 2014
The West Wing Revisited: Celestial Navigation
Thu, Oct 16, 2014
The West Wing Revisited: Take this Sabbath Day
Wed, Oct 15, 2014
The West Wing Revisited: Take out the Trash Day
Tue, Oct 14, 2014
Advocating for the Devil
Mon, Oct 13, 2014
The West Wing Revisited: He Shall, From Time to Time?
Mon, Oct 13, 2014
The West Wing Revisited: Lord John Marbury
Sun, Oct 12, 2014
The West Wing Revisited: In Excelsis Deo
Sat, Oct 11, 2014
The West Wing Revisited: The Short List
Fri, Oct 10, 2014
The West Wing Revisited: Enemies
Thu, Oct 9, 2014
The West Wing Revisited: The State Dinner
Wed, Oct 8, 2014
The West Wing Revisited: Mr. Willis of Ohio
Tue, Oct 7, 2014
How to Code Review Without Being a Jerk
Mon, Oct 6, 2014
HTTP Considered Unethical
Mon, Oct 6, 2014
The West Wing Revisisted: The Crackpots and These Women
Mon, Oct 6, 2014
The West Wing Revisited: Five Votes Down
Sun, Oct 5, 2014
The West Wing Revisited: A Proportional Response
Fri, Oct 3, 2014
The West Wing Revisited: Post Hoc Ergo Propter Hoc
Thu, Oct 2, 2014
Python for Ada
Tue, Sep 23, 2014
The West Wing Revisited
Sun, Sep 21, 2014
Math Games
Mon, Aug 4, 2014
There is a flash of light! Your PYTHON has evolved into ...
Fri, Jul 4, 2014
Quo Vadimus?
Mon, May 26, 2014
Service
Mon, May 19, 2014
Best of PyCon 2014
Thu, Apr 17, 2014
House and Twitter
Thu, Mar 20, 2014
Why Crypto
Wed, Feb 12, 2014
Why Travis CI is great for the Python community
Mon, Jan 6, 2014
PyPI Download Statistics
Fri, Jan 3, 2014
About Python 3
Mon, Dec 30, 2013
Gender neutral language - An FAQ
Sat, Nov 30, 2013
Affirmative action
Wed, Nov 27, 2013
Security process for Open Source Projects
Sat, Oct 19, 2013
Meritocracy
Sat, Oct 12, 2013
Thoughts on Lavabit
Wed, Oct 2, 2013
Effective Code Review
Thu, Sep 26, 2013
Being negative
Sun, Sep 22, 2013
Doing a release is too hard
Tue, Sep 17, 2013
You guys know who Philo Farnsworth was?
Sun, Sep 15, 2013
Your project doesn't mean your playground
Sun, Sep 8, 2013
Why I support diversity
Wed, Aug 28, 2013
An open letter to the security community
Sat, Aug 3, 2013
You don't have to be a jerk to code review
Tue, Jul 16, 2013
Your tests are not a benchmark
Mon, Jul 15, 2013
Thoughts on OpenStack
Thu, Jul 11, 2013
Weekly Updates
Thu, Jun 20, 2013
Moving to Rackspace
Mon, May 6, 2013
Perception
Tue, Apr 16, 2013
Disambiguating BSON and msgpack
Sat, Feb 16, 2013
Software Design: 80/20 libraries
Sun, Jan 6, 2013
Linux on the Desktop Dead
Mon, Sep 3, 2012
The compiler rarely knows best
Thu, Jul 12, 2012
Why personal funding
Wed, Jul 4, 2012
5 years, 2 months, and 28 days
Sat, May 26, 2012
The perils of polyglot programming
Fri, Dec 23, 2011
Why del defaultdict()[k] should raise an error
Mon, Nov 28, 2011
RCOS NumPy Talk
Fri, Nov 18, 2011
The run-time distinction
Tue, Oct 11, 2011
So you want to write a fast Python?
Sun, Jul 10, 2011
DjangoCon Europe 2011 Slides
Tue, Jun 7, 2011
This Summer
Fri, May 6, 2011
My experience with the computer language shootout
Sun, Apr 3, 2011
PyPy San Francisco Tour Recap
Wed, Mar 9, 2011
Django and Python 3 (Take 2)
Thu, Feb 17, 2011
Announcing VCS Translator
Fri, Jan 21, 2011
PyCon 2011 is going to be Awesome
Fri, Jan 21, 2011
2010 in Review
Fri, Dec 31, 2010
Getting the most out of tox
Fri, Dec 17, 2010
Programming Languages Terminology
Fri, Nov 19, 2010
Symptoms and Diseases
Thu, Nov 18, 2010
A statically typed language I'd actually want to use
Thu, Nov 4, 2010
Not everything sucks
Thu, Nov 4, 2010
The continuous integration I want
Tue, Nov 2, 2010
National Blog Post Month
Mon, Nov 1, 2010
Priorities
Sun, Oct 24, 2010
Cui Bono
Thu, Oct 21, 2010
Prohibition doesn't Work
Thu, Oct 14, 2010
The Pakistan Problem
Wed, Oct 6, 2010
US Interventionism and its Fallout
Sun, Oct 3, 2010
Dynamic and Static Programming Languages and Teaching
Wed, Sep 29, 2010
US Counterinsurgency and Terrorism Policy
Sun, Sep 26, 2010
Afghani Elections
Tue, Sep 21, 2010
django-taggit 0.9 Released
Tue, Sep 21, 2010
Political Religion
Mon, Sep 20, 2010
Democracy in Colonial Areas
Tue, Sep 14, 2010
Upcoming Content
Tue, Sep 14, 2010
DjangoCon 2010 Slides
Mon, Sep 13, 2010
Education Slides
Mon, Aug 16, 2010
PyOhio Slides
Mon, Aug 2, 2010
Testing Utilities in Django
Tue, Jul 6, 2010
MultiMethods for Python
Sat, Jun 26, 2010
Hey, could someone write this app for me
Tue, Jun 8, 2010
DjangoCon.eu slides
Mon, May 24, 2010
PyPy is the Future of Python
Sat, May 15, 2010
A Tour of the django-taggit Internals
Sun, May 9, 2010
Why Utilitarianism Fails
Thu, May 6, 2010
Cool New django-taggit API
Tue, May 4, 2010
Making Django and PyPy Play Nice (Part 1)
Fri, Apr 16, 2010
Designer Developer Relations
Mon, Mar 29, 2010
Towards Application Objects in Django
Sun, Mar 28, 2010
Languages Don't Have Speeds, Or Do They?
Mon, Mar 15, 2010
PyCon Roundup - Days 2-4
Mon, Mar 8, 2010
PyCon Roundup - Days 0 and 1
Fri, Feb 26, 2010
Committer Models of Unladen Swallow, PyPy, and Django
Thu, Feb 25, 2010
Thoughts on HipHop PHP
Tue, Feb 2, 2010
Why Open Source Works
Wed, Jan 27, 2010
I Have Talent
Fri, Jan 15, 2010
Dive into Python 3 Review
Tue, Jan 12, 2010
Hot Django on WSGI Action (announcing django-wsgi)
Mon, Jan 11, 2010
A New Home
Fri, Jan 8, 2010
A few thoughts on education
Wed, Dec 2, 2009
A month in review
Tue, Dec 1, 2009
You Built a Metaclass for *what*?
Mon, Nov 30, 2009
Getting Started with Testing in Django
Sun, Nov 29, 2009
Django and Python 3
Sat, Nov 28, 2009
Why Meta.using was removed
Fri, Nov 27, 2009
Just a Small Update
Thu, Nov 26, 2009
Final Review of Python Essential Reference
Wed, Nov 25, 2009
Filing a Good Ticket
Tue, Nov 24, 2009
Using PLY for Parsing Without Using it for Lexing
Mon, Nov 23, 2009
A Bit of Benchmarking
Sun, Nov 22, 2009
Things College Taught me that the "Real World" Didn't
Sat, Nov 21, 2009
Announcing django-admin-histograms
Thu, Nov 19, 2009
Another Pair of Unladen Swallow Optimizations
Thu, Nov 19, 2009
Writing a Lexer
Tue, Nov 17, 2009
My Next Blog
Mon, Nov 16, 2009
Initial Review: Python Essential Reference
Sun, Nov 15, 2009
Why jQuery shouldn't be in the admin
Sat, Nov 14, 2009
Syntax Matters
Fri, Nov 13, 2009
Why I'm not very excited about Go
Thu, Nov 12, 2009
When Django Fails? (A response)
Wed, Nov 11, 2009
The State of MultiDB (in Django)
Tue, Nov 10, 2009
Software that deserves a thank you
Mon, Nov 9, 2009
Another Unladen Swallow Optimization
Sun, Nov 8, 2009
My Workflow
Sat, Nov 7, 2009
Towards a Better Template Tag Definition Syntax
Fri, Nov 6, 2009
The Pycon Program Committee and my PyCon Talk
Thu, Nov 5, 2009
Django's ManyToMany Refactoring
Wed, Nov 4, 2009
Diving into Unladen Swallow's Optimizations
Tue, Nov 3, 2009
Introduction to Unladen Swallow
Mon, Nov 2, 2009
Another month of blogging?
Sun, Nov 1, 2009
Optimising compilers are there so that you can be a better programmer
Sat, Oct 10, 2009
Django-filter 0.5 released!
Fri, Aug 14, 2009
pyvcs .2 released
Sun, Jul 12, 2009
Announcing pyvcs, django-vcs, and piano-man
Sun, Jul 5, 2009
A response to "Python sucks"
Thu, Jun 4, 2009
EuroDjangoCon 2009
Tue, May 5, 2009
Ajax Validation Aministrivia
Thu, Apr 16, 2009
ORM Panel Recap
Mon, Mar 30, 2009
PyCon Wrapup
Mon, Mar 30, 2009
Google Moderator for PyCon ORM Panel
Sun, Mar 15, 2009
Announcing django-filter
Sat, Feb 14, 2009
A Second Look at Inheritance and Polymorphism with Django
Tue, Feb 10, 2009
Building a Magic Manager
Sat, Jan 31, 2009
Django Ajax Validation 0.1.0 Released
Sat, Jan 24, 2009
Optimizing a View
Mon, Jan 19, 2009
New Admin URLs
Wed, Jan 14, 2009
2008 and 2009
Sat, Jan 3, 2009
Building a Read Only Field in Django
Sun, Dec 28, 2008
Building a Function Templatetag
Thu, Dec 25, 2008
Many Thanks to Webfaction
Thu, Dec 25, 2008
PyCon '09, Here I come!
Mon, Dec 15, 2008
Playing with Polymorphism in Django
Fri, Dec 5, 2008
A month in review
Tue, Dec 2, 2008
A Few More Thoughts on the Identity Mapper
Mon, Dec 1, 2008
Fixing up our identity mapper
Mon, Dec 1, 2008
Building a simple identity map in Django
Sat, Nov 29, 2008
Other ORM Goodies
Sat, Nov 29, 2008
Some thoughts on Blogging
Thu, Nov 27, 2008
What aggregates are going to look like
Thu, Nov 27, 2008
Home Sweet Home
Wed, Nov 26, 2008
A timeline view in Django
Mon, Nov 24, 2008
A quick update
Sun, Nov 23, 2008
Thinking about netbooks
Sun, Nov 23, 2008
My Programming Language - Status Update
Fri, Nov 21, 2008
Why I don't use easy_install
Thu, Nov 20, 2008
Uncoupled code is good, but doesn't exist
Wed, Nov 19, 2008
What Python learned from economics
Tue, Nov 18, 2008
Running the Django Test Suite
Mon, Nov 17, 2008
What I'm excited about in Django 1.1
Sun, Nov 16, 2008
Python Things
Sat, Nov 15, 2008
And now for the disclaimer
Fri, Nov 14, 2008
Django Models - Digging a Little Deeper
Thu, Nov 13, 2008
What software do I use?
Wed, Nov 12, 2008
Getting Started With PLY - Part 3
Mon, Nov 10, 2008
How the Heck do Django Models Work
Mon, Nov 10, 2008
Getting Started With PLY - Part 2
Sun, Nov 9, 2008
Getting Started With PLY
Sat, Nov 8, 2008
That's not change we can believe in
Fri, Nov 7, 2008
Building a Programming Language with Python
Thu, Nov 6, 2008
PyGTK and Multiprocessing
Wed, Nov 5, 2008
More Laziness with Foreign Keys
Tue, Nov 4, 2008
Lazy User Foreign Keys
Mon, Nov 3, 2008