Author: drweb

SQL

It’s Monday. I’ve been home since Fri night, but with a busy weekend, I’m still recovering from the PASS Data Community Summit. There’s a nice wrap from the crew, which you can watch. You might spot yourself in there if you attended. This is a short post of some memories and photos from the event. As usual, I wish I had more. One sad thing was Chris Yates not coming due to other commitments, but I loved seeing him on a sign in the convention center. I sent him this shot. Every year I find myself either over-committed or under-committed. The latter…


When you’re managing a Linux server, especially one with multiple users, you need visibility into what’s happening on your system: Who’s logged in? What commands are they running? How much CPU time is being consumed? These aren’t just curiosity questions; they’re essential for security, troubleshooting, and resource management. psacct and acct are both open source utilities for monitoring users’ activities on the Linux system. These utilities run in the background and keep track of each user’s activity on your system as well as what resources are being consumed. I personally used these tools in our company, we have…


Coding agents like Claude Code, Gemini CLI, Codex, Kiro, and OpenCode are changing how developers work. But as these agents become more autonomous with capabilities like deleting repos, modifying files, and accessing secrets, developers face a real problem: how do you give agents enough access to be useful without adding unnecessary risk to your local environment? A More Effective Way to Run Local Coding Agents Safely. We’re working on an approach that lets you run coding agents in purpose-built, isolated local environments. Local sandboxes from Docker that wrap agents in containers that mirror your local workspace and enforce strict boundaries…


For more than a decade, the evolution of infrastructure automation has followed a clear trajectory. Organizations have invested in workflows, pipelines, controllers, and compliance engines because the market demanded stronger guarantees around reliability and scale. Outages turned into measurable losses. Small misconfigurations cascaded into systemic failures. Even highly skilled teams struggled to keep pace with […]


Distributed systems form the backbone of modern large-scale computing, from cloud platforms to distributed databases and large clusters. As a PhD student, you need resources that go beyond the basics, combining strong theoretical foundations with practical insights. And ideally, they should be freely accessible. The following five books are all legally available online at no cost and are well-suited to accompany you through graduate-level research in distributed systems. Distributed Systems (4th Edition) —…


Security that moves fast: Docker’s response to Shai Hulud 2.0

On November 21, 2025, security researchers detected the beginning of what would become one of the most aggressive npm supply chain attacks to date. The Shai Hulud 2.0 campaign compromised over 25,000 GitHub repositories within 72 hours, targeting packages from major organizations including Zapier, ENS Domains, PostHog, and Postman. The malware’s self-propagating design created a…


On November 21, 2025, security researchers detected the beginning of what would become one of the most aggressive npm supply chain attacks to date. The Shai Hulud 2.0 campaign compromised over 25,000 GitHub repositories within 72 hours, targeting packages from major organizations including Zapier, ENS Domains, PostHog, and Postman. The malware’s self-propagating design created a compounding threat that moved at container speed, not human speed. This variant executed during npm’s preinstall phase, harvesting developer credentials, GitHub tokens, and cloud provider secrets before packages even finished installing. Stolen credentials appeared in public GitHub repositories labeled “Sha1-Hulud: The Second Coming,” creating a…


I was a big fan of Coil back when it existed. The surface story of Coil was it was a browser extension you could install and you’d hook it up to an “online wallet” (with currency in it). Then websites could put a (or ?) tag on their website that was essentially a public key to their online wallet. You’d tell Coil how much money you were good for and it would sprinkle out your funds automatically to sites you visited that had this set up. It was a little “thanks for making a website that I visit, here’s a…
