Defining the memory safe problem

Buffers on the edge: Python and Rust

What's in a version number? (Or: Musings on backwards compatibility)

Why software ends up complex

CSVs: The good, the bad, and the ugly

What science can tell us about C and C++'s security

Dayenu for Open Source

Scaling Software Development

2019 Security Wish List In Review

On Safety Critical Software

A Memory Safety Research Agenda

Introduction to Memory Unsafety for VPs of Engineering

Read code more

Modern C++ Won't Save Us

Notes on the challenges to the adoption of security keys

Chrome + Windows Exploit: Security Beyond Bugfixes

Notes on fuzzing ImageMagick and GraphicsMagick

Security wish list for 2019

Optimize for Auditability

The worst truism in information security

Lessons learned at USDS

Known unknowns - zero-days in the wild

The mysterious case of (deny dynamic-code-generation)

A vulnerability by any other name

Response to Deputy Attorney General Rosenstein's remarks on Encryption

Surviving Apache Struts CVE-2017-5638

Categorizing Security Engineering Work

Forward secrecy is the most important thing

Introduction to Certificate Transparency for Server Operators

A year of tracking my HTTP requests

SHA1 and Richard Feynman

Looking for work

OSS-Fuzz initial impressions

Intro to threat modeling

Anatomy of a Crypto Vulnerability

Announcing letsencrypt-aws

Don't have environments

Shrinking your code review

5 critically important security projects

Telemetry for Open Source

Rust: A modern programming environment

Tips for Improving Your Company's Security

Tips for Scaling Web Apps

Introduction to Fuzzing in Python with AFL

Red Hat and the Open Source Community

DevOps vs. Platform Engineering

Software Of the People, By the People, For the People

The State of the News and TLS: Part II

The West Wing Revisited: Let Bartlet Be Bartlet

The State of the News and TLS

I Hope Twitter Goes Away

My Ideal Development Environment

The West Wing Revisited: Six Meetings Before Lunch

The West Wing Revisited: The White House Pro-Am

The West Wing Revisited: 20 Hours in L.A.

The West Wing Revisited: Celestial Navigation

The West Wing Revisited: Take this Sabbath Day

The West Wing Revisited: Take out the Trash Day

Advocating for the Devil

The West Wing Revisited: He Shall, From Time to Time?

The West Wing Revisited: Lord John Marbury

The West Wing Revisited: In Excelsis Deo

The West Wing Revisited: The Short List

The West Wing Revisited: Enemies

The West Wing Revisited: The State Dinner

The West Wing Revisited: Mr. Willis of Ohio

How to Code Review Without Being a Jerk

HTTP Considered Unethical

The West Wing Revisisted: The Crackpots and These Women

The West Wing Revisited: Five Votes Down

The West Wing Revisited: A Proportional Response

The West Wing Revisited: Post Hoc Ergo Propter Hoc

Python for Ada

The West Wing Revisited

Math Games

There is a flash of light! Your PYTHON has evolved into ...

Quo Vadimus?


Best of PyCon 2014

House and Twitter

Why Crypto

Why Travis CI is great for the Python community

PyPI Download Statistics

About Python 3

Gender neutral language - An FAQ

Affirmative action

Security process for Open Source Projects


Thoughts on Lavabit

Effective Code Review

Being negative

Doing a release is too hard

You guys know who Philo Farnsworth was?

Your project doesn't mean your playground

Why I support diversity

An open letter to the security community

You don't have to be a jerk to code review

Your tests are not a benchmark

Thoughts on OpenStack

Weekly Updates

Moving to Rackspace


Disambiguating BSON and msgpack

Software Design: 80/20 libraries

Linux on the Desktop Dead

The compiler rarely knows best

Why personal funding

5 years, 2 months, and 28 days

The perils of polyglot programming

Why del defaultdict()[k] should raise an error

RCOS NumPy Talk

The run-time distinction

So you want to write a fast Python?

DjangoCon Europe 2011 Slides

This Summer

My experience with the computer language shootout

PyPy San Francisco Tour Recap

Django and Python 3 (Take 2)

Announcing VCS Translator

PyCon 2011 is going to be Awesome

2010 in Review

Getting the most out of tox

Programming Languages Terminology

Symptoms and Diseases

A statically typed language I'd actually want to use

Not everything sucks

The continuous integration I want

National Blog Post Month


Cui Bono

Prohibition doesn't Work

The Pakistan Problem

US Interventionism and its Fallout

Dynamic and Static Programming Languages and Teaching

US Counterinsurgency and Terrorism Policy

Afghani Elections

django-taggit 0.9 Released

Political Religion

Democracy in Colonial Areas

Upcoming Content

DjangoCon 2010 Slides

Education Slides

PyOhio Slides

Testing Utilities in Django

MultiMethods for Python

Hey, could someone write this app for me slides

PyPy is the Future of Python

A Tour of the django-taggit Internals

Why Utilitarianism Fails

Cool New django-taggit API

Making Django and PyPy Play Nice (Part 1)

Designer Developer Relations

Towards Application Objects in Django

Languages Don't Have Speeds, Or Do They?

PyCon Roundup - Days 2-4

PyCon Roundup - Days 0 and 1

Committer Models of Unladen Swallow, PyPy, and Django

Thoughts on HipHop PHP

Why Open Source Works

I Have Talent

Dive into Python 3 Review

Hot Django on WSGI Action (announcing django-wsgi)

A New Home

A few thoughts on education

A month in review

You Built a Metaclass for *what*?

Getting Started with Testing in Django

Django and Python 3

Why Meta.using was removed

Just a Small Update

Final Review of Python Essential Reference

Filing a Good Ticket

Using PLY for Parsing Without Using it for Lexing

A Bit of Benchmarking

Things College Taught me that the "Real World" Didn't

Announcing django-admin-histograms

Another Pair of Unladen Swallow Optimizations

Writing a Lexer

My Next Blog

Initial Review: Python Essential Reference

Why jQuery shouldn't be in the admin

Syntax Matters

Why I'm not very excited about Go

When Django Fails? (A response)

The State of MultiDB (in Django)

Software that deserves a thank you

Another Unladen Swallow Optimization

My Workflow

Towards a Better Template Tag Definition Syntax

The Pycon Program Committee and my PyCon Talk

Django's ManyToMany Refactoring

Diving into Unladen Swallow's Optimizations

Introduction to Unladen Swallow

Another month of blogging?

Optimising compilers are there so that you can be a better programmer

Django-filter 0.5 released!

pyvcs .2 released

Announcing pyvcs, django-vcs, and piano-man

A response to "Python sucks"

EuroDjangoCon 2009

Ajax Validation Aministrivia

ORM Panel Recap

PyCon Wrapup

Google Moderator for PyCon ORM Panel

Announcing django-filter

A Second Look at Inheritance and Polymorphism with Django

Building a Magic Manager

Django Ajax Validation 0.1.0 Released

Optimizing a View

New Admin URLs

2008 and 2009

Building a Read Only Field in Django

Building a Function Templatetag

Many Thanks to Webfaction

PyCon '09, Here I come!

Playing with Polymorphism in Django

A month in review

A Few More Thoughts on the Identity Mapper

Fixing up our identity mapper

Building a simple identity map in Django

Other ORM Goodies

Some thoughts on Blogging

What aggregates are going to look like

Home Sweet Home

A timeline view in Django

A quick update

Thinking about netbooks

My Programming Language - Status Update

Why I don't use easy_install

Uncoupled code is good, but doesn't exist

What Python learned from economics

Running the Django Test Suite

What I'm excited about in Django 1.1

Python Things

And now for the disclaimer

Django Models - Digging a Little Deeper

What software do I use?

Getting Started With PLY - Part 3

How the Heck do Django Models Work

Getting Started With PLY - Part 2

Getting Started With PLY

That's not change we can believe in

Building a Programming Language with Python

PyGTK and Multiprocessing

More Laziness with Foreign Keys

Lazy User Foreign Keys