Subscription confirmed. Thank you for subscribing!
October 27, 2020 12:00PM
A few months ago, after reading about Cloudflare doubling its intern class, I quickly dusted off my CV and applied for an internship. Long story short: now, a couple of months later, I found myself staring at Linux kernel code and adding a pretty cool feature to gVisor....
September 18, 2020 12:00PM
eBPF Linux UDP ProgrammingSYN-cookies help mitigating SYN-floods for TCP, but how can we protect services from similar attacks that use UDP? We designed an algorithm and a library to fill this gap, and it’s open source!...
July 08, 2020 12:00PM
Linux Security Sandbox System callsIn this post we will review Linux seccomp and learn how to sandbox any (even a proprietary) application without writing a single line of code....
April 06, 2020 12:00PM
Conntrack Linux Network TCPWe were wondering - can we just enable Linux "conntrack"? How does it actually work? I volunteered to help the team understand the dark corners of the Linux's "conntrack" stateful firewall subsystem....
March 25, 2020 12:00PM
Linux Kernel Crypto Performance SecurityEncrypting data at rest is vital for Cloudflare with more than 200 data centres across the world. In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our customers!...
More Posts
