understanding thread stack sizes and how alpine is different

Jun 25, 2021
From time to time, somebody reports a bug to some project about their program crashing on Alpine. Usually, one of two things happens: the developer doesn’t care and doesn’t fix the issue, because it works under GNU/Linux, or the developer fixes their program to behave correctly only for the Alpine case, and it remains silently broken on other platforms.

the end of freenode

Jun 14, 2021
My first experience with IRC was in 1999. I was in middle school, and a friend of mine ordered a Slackware CD from Walnut Creek CDROM. This was Slackware 3.4, and contained the GNOME 1.x desktop environment on the disc, which came with the BitchX IRC client. At first, I didn’t really know what BitchX was, I just thought it was a cool program that displayed random ascii art, and then tried to connect to various servers.

the vulnerability remediation lifecycle of Alpine containers

Jun 8, 2021
Anybody who has the responsibility of maintaining a cluster of systems knows about the vulnerability remediation lifecycle: vulnerabilities are discovered, disclosed to vendors, mitigated by vendors and then consumers deploy the mitigations as they update their systems. In the proprietary software world, the deployment phase is colloquially known as Patch Tuesday, because many vendors release patches on the second and fourth Tuesday of each month.

actually, BSD kqueue is a mountain of technical debt

Jun 6, 2021
A side effect of the whole freenode kerfluffle is that I’ve been looking at IRCD again. IRC, is of course a very weird and interesting place, and the smaller community of people who run IRCDs are largely weirder and even more interesting. However, in that community of IRCD administrators there happens to be a few incorrect systems programming opinions that have been cargo culted around for years.

A slightly-delayed monthly status update

Jun 4, 2021
A few weeks ago, I announced the creation of a security response team for Alpine, of which I am presently the chair. Since then, the team has been fully chartered by both the previous Alpine core team, and the new Alpine council, and we have gotten a few members on board working on security issues in Alpine.

the whole freenode kerfluffle

May 20, 2021
But the thing is IRC has always been a glorious thing. The infra has always been sponsored by companies or people. But the great thing about IRC is you can always vote and let the networks and world know which you choose - by using /server. — Andrew Lee (rasengan), chairman of freenode limited

AlpineConf 2021 recap

May 18, 2021
Last weekend was AlpineConf, the first one ever. We held it as a virtual event, and over 700 participants came and went during the weekend. Although there were many things we learned up to and during the conference that could be improved, I think that the first AlpineConf was a great success!

using qemu-user emulation to reverse engineer binaries

May 5, 2021
QEMU is primarily known as the software which provides full system emulation under Linux’s KVM. Also, it can be used without KVM to do full emulation of machines from the hardware level up. Finally, there is qemu-user, which allows for emulation of individual programs. That’s what this blog post is about.

The various ways to check if an integer is even

Apr 27, 2021
You have probably seen this post on Twitter by now: But actually, the way most people test whether a number is even is wrong. It’s not your fault, computers think differently than we do. And in most cases, the compiler fixes your mistake for you. But it’s been a long day of talking about Alpine governance, so I thought I would have some fun.

Why apk-tools is different than other package managers

Apr 25, 2021
Alpine as you may know uses the apk-tools package manager, which we built because pre-existing package managers did not meet the design requirements needed to build Alpine. But what makes it different, and why does that matter? apk add and apk del manipulate the desired state In traditional package managers like dnf and apt, requesting the installation or removal of packages causes those packages to be directly installed or removed, after a consistency check.