https://en.wikipedia.org/wiki/Henry_Dreyfuss
Henry Dreyfuss is responsible for so many of the designs of everyday objects you take for granted. I recently brought him up in a discussion I was having where we lamented the frankly appalling industrial design of many modern versions of things with pointless touchscreens, wireless radios, and impossible to use ergonomics. I humorously joked that Dreyfuss must be rolling in his grave.
https://mcyoung.xyz/2025/04/21/go-arenas/
I've always tried to explain to devs that you can do manual memory management in a garbage collected language. The simplest method is to just start using resource pools. The reason to manually manage memory is to prevent the garbage collector interrupting you randomly. If you have a lot of identical objects you're routinely allocating ror a limited amount of time, I suggest you look into them.
Either way, I came across this piece discussing how you can dig deeper in Go if you want to get even more manual control of your memory in a garbage collected language. They show how you can effectively implement an arena allocator.
When would you want an arena allocator? Whenever you have a bunch of work you want to allocate during and then a single point in time where you want to wipe it all away and start again. Instead of randomly pausing and running mark-sweep, you can just set the memory index to zero when the work is done. It's perfect for work loops like web request handlers, scratch space during game update/render loops, and between file processing.
While I like manually controlling memory, I also like being lazy. I like the idea of structuring languages where you can nest manually controlled memory regions within an otherwise GC environment. Allowing you to reach for power tools when appropriate.
https://www.troyhunt.com/processing-23-billion-rows-of-alien-txtbase-stealer-logs/
https://www.troyhunt.com/experimenting-with-stealer-logs-in-have-i-been-pwned/
Part two in which stealer logs
https://www.troyhunt.com/begging-for-bounties-and-more-info-stealer-logs/
Three posts about beg bounties. In our ongoing deterioration into a society predominantly defined by scams and cons, bug bounties are becoming an increasing target of malicious actors. In this case, one group of attackers have created huge pools of people infected with malware. They use that malware to steal login credentials to websites and build massive doses, colloquially referred to as stealer logs. These are passed around for pay in private channels for money until it gets shared in a channel with a leak. At that point these collections hit the web.
This is where our new bottom feeders enter the scene. Being essentially talentless and morally bankrupt, they search out these lists and then contact all the sites who have users with computers infected with malware (so basically any site with a big enough user base). When someone shows up with a list of legitimate user credentials for your site, you take notice. How'd they get them? Your worst fear, there's a problem in your site leaking credentials.
The reality is much more benign. They're available through a few well known internet forums. They then try to spin a tale about how you need to pay them thousands of monies for forwarding them to you. Even if one percent of companies react before they think, contact a few thousand companies and you can make bank before it becomes too obvious a scam.
Loud sound at the 56 minute mark. The fire alarm goes off and it's quite loud because the recording is fairly soft.
I quite like the elements of style discussed here. The style rules presented tend to port fairly well as general concepts to any other language. For example, I now try and order the blocks of my conditionals to put the shorter block at the top, even when it requires negating the conditional as I first think of it.
I'm sure I've picked up a couple other techniques from here and I hope you will too.
https://lucumr.pocoo.org/2020/1/1/async-pressure/
Another piece to add to the long running debate on whether or not python's asyncio is worth it. My guess is in 3-5 years it'll become a regrettable complexity in the ecosystem when full lock free threading becomes generally available. Just in time for everyone to have significant investment in red versus blue functions that we can't easily backtrack on.
If language committees could stop adding everything just because it exists in another language C++ style, that would be great. In JavaScript's case, async was a worthwhile problem to add in order to solve the existing problem of having to live inside an event loop outside your control and simultaneously having access to anonymous functions. More specifically that given such a language, developers will instinctively nest lambda callbacks until they're in so deep they're forced to start using single spaces as indentation.
CSP like in Go takes a step forward by not color coding functions, but takes two steps back by having the standard library magically hard code which syscalls are blocking. The more I keep looking at the problem, the more I think I have to agree with Jeff Bonwick and Brian Cantrill who note how userspace multitasking will forever over promise and under deliver. How fundamentally, non-preemptive multitasking leads to an endless series of design problems you don't have if you just let your OS schedule you.
Great recap of many of the proofs we have about provability.
https://en.wikipedia.org/wiki/Great_Stork_Derby
Not the type of thing I usually share, but it kind of sticks with you.